Multiple Vendors NTP Mode 7 Denial Of Service

Publish date: July 21, 2015
  Severity: MEDIUM
  CVE Identifier: CVE-2009-3563
  Advisory Date: JUL 21, 2015

  DESCRIPTION

ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1003893
  Trend Micro Deep Security DPI Rule Name: 1003893 - Multiple Vendors NTP Mode 7 Denial Of Service

  AFFECTED SOFTWARE AND VERSION

  • ntp ntp 4.0.72
  • ntp ntp 4.0.73
  • ntp ntp 4.0.90
  • ntp ntp 4.0.91
  • ntp ntp 4.0.92
  • ntp ntp 4.0.93
  • ntp ntp 4.0.94
  • ntp ntp 4.0.95
  • ntp ntp 4.0.96
  • ntp ntp 4.0.97
  • ntp ntp 4.0.98
  • ntp ntp 4.0.99
  • ntp ntp 4.1.0
  • ntp ntp 4.1.2
  • ntp ntp 4.2.0
  • ntp ntp 4.2.2
  • ntp ntp 4.2.2p1
  • ntp ntp 4.2.2p2
  • ntp ntp 4.2.2p3
  • ntp ntp 4.2.2p4
  • ntp ntp 4.2.5

Featured Stories