NTP: Multiple Vendors NTP Mode 7 Denial of Service
A denial of service vulnerability exists in NTP. The vulnerability is due to incorrect handling of mode 7 (MODE_PRIVATE) requests. A remote unauthenticated attacker can exploit this vulnerability by sending a maliciously crafted mode 7 request to a target NTP server. A successful attack can lead to a resource exhaustion and, ultimately, a denial of service condition of the affected service on a target system. NTP is a product shipped by multiple vendors.
Extended Description
NTP is prone to a remote denial-of-service vulnerability because it fails to properly handle certain incoming network packets. An attacker can exploit this issue to cause the application to consume excessive CPU resources and fill disk space with log messages.
Affected Products
Sun sparc_t3-4,Hp tcp/ip_services_for_openvms_i64,Sun opensolaris
Short Name
NTP:MODE7-DOS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
NTP
Keywords
7 CVE-2009-3563 Denial Mode Multiple NTP Service Vendors bid:37255 of
Release Date
07/11/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Red_hat
Nortel_networks
Cisco
F5
Gentoo
Sun
Hp
Qnx
Avaya
Ntp
Vmware
Slackware
Pardus
Freebsd
Ubuntu
Mandriva
Suse
Netbsd
Debian
Rpath
Ibm
CVSS Score
6.4