What is CVE-2009-3563?

CVE-2009-3563 is a vulnerability in N/a. Published 2009-12-09.

Is CVE-2009-3563 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2009-3563

ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continu…

EPSS: 0.811 (99.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

VU#568372 (third-party-advisory)
38832 (third-party-advisory)
kb.juniper.net/InfoCenter/index
oval:org.mitre.oval:def:11225 (signature, vdb-entry)
support.avaya.com/css/P8/documents/100071808
38794 (third-party-advisory)
[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates (mailing-list)
FEDORA-2009-13121 (vendor-advisory)
bugzilla.redhat.com/show_bug.cgi
38764 (third-party-advisory)

Frequently asked questions

What is CVE-2009-3563?: CVE-2009-3563 is a vulnerability in N/a. Published 2009-12-09.
Is CVE-2009-3563 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.