exploit the possibilities
Showing 1 - 11 of 11 RSS Feed

CVE-2009-0159

Status Candidate

Overview

Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.

Related Files

HP Security Bulletin HPSBUX02859 SSRT101144 3
Posted May 15, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02859 SSRT101144 3 - A potential security vulnerability has been identified with HP-UX running XNTP. The vulnerability could be exploited remotely to create a Denial of Service (DoS) or execute arbitrary code. Revision 3 of this advisory.

tags | advisory, denial of service, arbitrary
systems | hpux
advisories | CVE-2009-0159, CVE-2009-3563
SHA-256 | 97b32abdd8e39e1e5b9feabde6030395b429177c1152753dcdf6fc4a860b318b
HP Security Bulletin HPSBUX02859 SSRT101144 2
Posted Apr 12, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02859 SSRT101144 2 - A potential security vulnerability has been identified with HP-UX running XNTP. The vulnerability could be exploited remotely create a Denial of Service (DoS) or Execute Arbitrary Code. Revision 2 of this advisory.

tags | advisory, denial of service, arbitrary
systems | hpux
advisories | CVE-2009-0159, CVE-2009-3563
SHA-256 | 665670bd5973873632baa834e8dbf771524847c5e81a9fb7b9cd98878e0d98cd
HP Security Bulletin HPSBUX02859 SSRT101144
Posted Mar 30, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02859 SSRT101144 - A potential security vulnerability has been identified with HP-UX running XNTP. The vulnerability could be exploited remotely create a Denial of Service (DoS) or Execute Arbitrary Code. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary
systems | hpux
advisories | CVE-2009-0158, CVE-2009-0159, CVE-2009-3563
SHA-256 | f111df3c200dc90354002b61f3ac8dfd
HP Security Bulletin HPSBUX02859 SSRT101144
Posted Mar 30, 2013
Site hp.com

HP Security Bulletin HPSBUX02859 SSRT101144 - A potential security vulnerability has been identified with HP-UX running XNTP. The vulnerability could be exploited remotely create a Denial of Service (DoS) or Execute Arbitrary Code. Revision 1 of this advisory.

advisories | CVE-2009-0158, CVE-2009-0159, CVE-2009-3563
SHA-256 | 0746632b57a61b2a1e105c96a10c846b657feaa5332e287d785fe60802111b6c
HP Security Bulletin HPSBOV02497 SSRT090245 4
Posted Sep 23, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02497 SSRT090245 4 - Potential security vulnerabilities have been identified with HP TCP/IP Services for OpenVMS Running NTP. The vulnerabilities could be remotely exploited to execute arbitrary code or create a Denial of Service (DoS). Revision 4 of this advisory.

tags | advisory, denial of service, arbitrary, tcp, vulnerability
advisories | CVE-2009-0159, CVE-2009-1252, CVE-2009-3563
SHA-256 | 276161f9b5defba94587895476977046f39846e30ab23de7e9fcec0f7db3fd13
Mandriva Linux Security Advisory 2009-309
Posted Dec 3, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-309 - Requesting peer information from a malicious remote time server may lead to an unexpected application termination or arbitrary code execution. A buffer overflow flaw was discovered in the ntpd daemon's NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially-crafted request packet that could crash ntpd. Packages for 2008.0 are being provided due to extended support for Corporate products. The updated packages have been patched to prevent this.

tags | advisory, remote, overflow, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2009-0159, CVE-2009-1252
SHA-256 | 569d44718c363b879165cccc2876ddae82c144ec8ac5703c54ea660ec473034e
HP Security Bulletin HPSBUX02437 SSRT090038
Posted Jul 22, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running XNTP. The vulnerabilities could be exploited remotely to execute arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | hpux
advisories | CVE-2009-0159, CVE-2009-1252
SHA-256 | d9cdab8e1fe997da061f0612c947f172b2fcb3add913836a42b31e48d2a4ae54
Gentoo Linux Security Advisory 200905-8
Posted May 27, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200905-08 - Multiple errors in the NTP client and server programs might allow for the remote execution of arbitrary code. Versions less than 4.2.4_p7 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2009-0159, CVE-2009-1252
SHA-256 | b20efb12e4e9d42824f528bbe9078a33ce48b4de072e33d361e0a7b25cdd7029
Ubuntu Security Notice 777-1
Posted May 20, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-777-1 - A stack-based buffer overflow was discovered in ntpq. If a user were tricked into connecting to a malicious ntp server, a remote attacker could cause a denial of service in ntpq, or possibly execute arbitrary code with the privileges of the user invoking the program. Chris Ries discovered a stack-based overflow in ntp. If ntp was configured to use autokey, a remote attacker could send a crafted packet to cause a denial of service, or possible execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-0159, CVE-2009-1252
SHA-256 | 55c1eeff974661777e2e48e1335608940fb002dbffde0d8cd36f061646d2a5fe
Debian Linux Security Advisory 1801-1
Posted May 19, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1801-1 - Several remote vulnerabilities have been discovered in NTP, the Network Time Protocol reference implementation.

tags | advisory, remote, vulnerability, protocol
systems | linux, debian
advisories | CVE-2009-0159, CVE-2009-1252
SHA-256 | a57a12424f37cb2ec816cd15519fb2d5be45c3576aa0d03f4f69d2831dfa63a0
Mandriva Linux Security Advisory 2009-092
Posted Apr 14, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-092 - Requesting peer information from a malicious remote time server may lead to an unexpected application termination or arbitrary code execution. The updated packages have been patched to correct this issue.

tags | advisory, remote, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2009-0159
SHA-256 | dba7ded47b33d61bbb6697ccd7c4d745eab9e30fe2306e00a7ca7590db7a3eaf
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close