[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2009-0159Date: (C)2009-04-14   (M)2024-03-26


Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1022033
http://www.securityfocus.com/archive/1/507985/100/0/threaded
BID-34481
SECUNIA-34608
SECUNIA-35074
SECUNIA-35137
SECUNIA-35138
SECUNIA-35166
SECUNIA-35169
SECUNIA-35253
SECUNIA-35308
SECUNIA-35336
SECUNIA-35416
SECUNIA-35630
SECUNIA-37471
OSVDB-53593
ADV-2009-0999
ADV-2009-1297
ADV-2009-3316
APPLE-SA-2009-05-12
DSA-1801
FEDORA-2009-5273
FEDORA-2009-5275
GLSA-200905-08
MDVSA-2009:092
NetBSD-SA2009-006
RHSA-2009:1039
RHSA-2009:1040
RHSA-2009:1651
SSA:2009-154-01
SSRT101144
SUSE-SR:2009:011
TA09-133A
USN-777-1
http://bugs.pardus.org.tr/show_bug.cgi?id=9532
http://ntp.bkbits.net:8080/ntp-stable/?PAGE=gnupatch&REV=1.1565
http://support.apple.com/kb/HT3549
http://www.vmware.com/security/advisories/VMSA-2009-0016.html
https://bugzilla.redhat.com/show_bug.cgi?id=490617
https://support.ntp.org/bugs/show_bug.cgi?id=1144
ntp-cookedprint-bo(49838)
oval:org.mitre.oval:def:19392
oval:org.mitre.oval:def:5411
oval:org.mitre.oval:def:8386
oval:org.mitre.oval:def:8665
oval:org.mitre.oval:def:9634

CPE    17
cpe:/a:ntp:ntp:4.0.91
cpe:/a:ntp:ntp:4.0.92
cpe:/a:ntp:ntp:4.0.90
cpe:/a:ntp:ntp:4.0.95
...
CWE    1
CWE-119
OVAL    17
oval:org.secpod.oval:def:300571
oval:org.secpod.oval:def:500638
oval:org.secpod.oval:def:700298
oval:org.mitre.oval:def:8042
...

© SecPod Technologies