Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-3563 Chrony vulnerability

CWE-399 | 16 documents | 10 sources
Severity
6.4 MEDIUM NVD
NVD 5.0
EPSS
79.6%
top 0.91%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Timeline
Published: Dec 9
Latest update: Mar 20

Description

ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.

CVSS vector

AV:N/AC:L/C:N/I:P/A:P
Exploitability: 10.0 | Impact: 4.9

Affected Packages: 6 packages

debian | debian/ntp | < ntp 1:4.2.4p8+dfsg-1 (bullseye)
debian | debian/chrony | < chrony 1.23-7 (bookworm)
Debian | ntp/ntp | < 1:4.2.4p8+dfsg-1
Debian | tuxfamily/chrony | < 1.23-7+3
NVD | ntp/ntp | 4.2.2p4+20

Patches

🔴 Vulnerability Details (4)

GHSA | GHSA-gm22-x89c-4h54: ntp_request | 2022-05-03
GHSA | GHSA-2w7g-w6qh-q8wj: The read_from_cmd_socket function in cmdmon | 2022-05-02
OSV | CVE-2010-0292: The read_from_cmd_socket function in cmdmon | 2010-02-08
OSV | CVE-2009-3563: ntp_request | 2009-12-09

💥 Exploits & PoCs (1)

Metasploit | NTP.org ntpd Reserved Mode Denial of Service

📋 Vendor Advisories (7)

Red Hat | udp: Implementations of UDP protocol are vulnerable to network loops | 2024-03-20
BSD | FreeBSD-SA-10:02.ntpd: ntpd mode 7 denial of service | 2010-01-06
Debian | CVE-2010-0292: chrony - The read_from_cmd_socket function in cmdmon.c in chronyd in Chrony before 1.23.1... | 2010
Cisco | Network Time Protocol Package Remote Message Loop Denial of Service Vulnerability | 2009-12-09
Red Hat | ntpd: DoS with mode 7 packets (VU#568372) | 2009-12-08

💬 Community (2)

Bugzilla | CVE-2010-0292 chrony susceptible to DoS attacks (CVE-2010-0293 CVE-2010-0294) | 2010-01-14
Bugzilla | CVE-2009-3563 ntpd: DoS with mode 7 packets (VU#568372) | 2009-10-27