製品・ソフトウェアに関する情報

JVN脆弱性詳細

NTP の ntpq における任意のコードを実行される脆弱性

Title	NTP の ntpq における任意のコードを実行される脆弱性
Summary	NTP の ntpq にある ntpq/ntpq.c 内の cookedprint 関数には、レスポンスの処理に不備があるため、任意のコードを実行される脆弱性が存在します。
Possible impacts	リモートの NTP サーバにより、任意のコードを実行される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	April 14, 2009, midnight
Registration Date	June 26, 2009, 2:07 p.m.
Last Update	March 27, 2012, 11:35 a.m.

CVSS2.0 : 警告
Score	6.8
Vector	AV:N/AC:M/Au:N/C:P/I:P/A:P

Affected System

レッドハット

Red Hat Enterprise Linux 3 (as)

Red Hat Enterprise Linux 3 (es)

Red Hat Enterprise Linux 3 (ws)

Red Hat Enterprise Linux 4 (as)

Red Hat Enterprise Linux 4 (es)

Red Hat Enterprise Linux 4 (ws)

Red Hat Enterprise Linux 4.7 (as)

Red Hat Enterprise Linux 4.7 (es)

Red Hat Enterprise Linux 4.8 (as)

Red Hat Enterprise Linux 4.8 (es)

Red Hat Enterprise Linux 5 (server)

Red Hat Enterprise Linux Desktop 3.0

Red Hat Enterprise Linux Desktop 4.0

Red Hat Enterprise Linux Desktop 5.0 (client)

Red Hat Enterprise Linux EUS 5.3.z (server)

ヒューレット・パッカード

HP-UX 11.11

HP-UX 11.23

HP-UX 11.31

NTP Project

NTP 4.2.4p7-RC2 未満

オラクル

Netra SPARC T3-1

Netra SPARC T3-1B

Netra SPARC T3-1BA

SPARC T3-1

SPARC T3-1B

SPARC T3-2

SPARC T3-4

ターボリナックス

Turbolinux Appliance Server 2.0

Turbolinux Appliance Server 3.0

Turbolinux Appliance Server 3.0 (x64)

Turbolinux Client 2008

Turbolinux FUJI

Turbolinux Server 10

Turbolinux Server 10 (x64)

Turbolinux Server 11

Turbolinux Server 11 (x64)

サイバートラスト株式会社

Asianux Server 2.0

Asianux Server 2.1

Asianux Server 3 (x86)

Asianux Server 3 (x86-64)

Asianux Server 3.0

Asianux Server 3.0 (x86-64)

Asianux Server 4.0

Asianux Server 4.0 (x86-64)

アップル

Apple Mac OS X v10.4.11

Apple Mac OS X v10.5 から v10.5.6

Apple Mac OS X Server v10.4.11

Apple Mac OS X Server v10.5 から v10.5.6

VMware

VMware ESX 2.5.5

VMware ESX 3.0.3

VMware ESX 3.5

VMware ESX 4.0

VMware ESXi 3.5

VMware ESXi 4.0

VMware vMA 4.0

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2009-0159	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159
National Vulnerability Database (NVD)
2	CVE-2009-0159	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0159

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-119	https://jvndb.jvn.jp/ja/cwe/CWE-119.html

ベンダー情報

No	Name	URL
Apple Security Updates
1	HT3549	http://support.apple.com/kb/HT3549
Apple セキュリティアップデート
2	HT3549	http://support.apple.com/kb/HT3549?viewlocale=ja_JP
Asianux Technical Support Network
3	ntp-4.2.2p1-9.2.1AXS3	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=435
HP Security Bulletin
4	HPSBUX02437	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01763606
MIRACLE LINUX アップデート情報
5	1719	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=1719
6	1840	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=1840
7	1841	http://www.miraclelinux.com/support/index.php?q=node/99&errata_id=1841
ntp.org
8	Top Page	http://www.ntp.org/
Red Hat Security Advisory
9	RHSA-2009:1039	https://rhn.redhat.com/errata/RHSA-2009-1039.html
10	RHSA-2009:1040	https://rhn.redhat.com/errata/RHSA-2009-1040.html
11	RHSA-2009:1651	https://rhn.redhat.com/errata/RHSA-2009-1651.html
SECURITY BLOG
12	multiple_vulnerabilities_in_network_time	http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_network_time
Turbolinux Security Advisory (英語)
13	TLSA-2009-17	http://www.turbolinux.com/security/2009/TLSA-2009-17.txt
VMware Security Advisories
14	VMSA-2009-0016	http://www.vmware.com/security/advisories/VMSA-2009-0016.html
レッドハットセキュリティーアップデート
15	RHSA-2009:1039	https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-1039J.html
16	RHSA-2009:1040	https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-1040J.html
17	RHSA-2009:1651	https://www.jp.redhat.com/support/errata/RHSA/RHSA-2009-1651J.html
富士通セキュリティ情報
18	TA09-133A	http://software.fujitsu.com/jp/security/vulnerabilities/ta09-133a.html
製品セキュリティ情報
19	TLSA-2009-17	http://www.turbolinux.co.jp/security/2009/TLSA-2009-17j.txt

その他

No	Name	URL
ISS X-Force Database
1	49838	http://xforce.iss.net/xforce/xfdb/49838
JVN
2	JVNTA09-133A	http://jvn.jp/cert/JVNTA09-133A/
JVN Status Tracking Notes
3	JVNTR-2009-12	http://jvn.jp/tr/JVNTR-2009-12
OPEN SOURCE VULNERABILITY DATABASE (OSVDB)
4	53593	http://osvdb.org/53593
Secunia Advisory
5	SA34608	http://secunia.com/advisories/34608
6	SA35074	http://secunia.com/advisories/35074
7	SA35138	http://secunia.com/advisories/35138
8	SA35166	http://secunia.com/advisories/35166
SecurityFocus
9	34481	http://www.securityfocus.com/bid/34481
SecurityTracker
10	1022033	http://www.securitytracker.com/id?1022033
US-CERT Cyber Security Alerts
11	SA09-133A	http://www.us-cert.gov/cas/alerts/SA09-133A.html
US-CERT Technical Cyber Security Alert
12	TA09-133A	http://www.us-cert.gov/cas/techalerts/TA09-133A.html
VUPEN Security
13	VUPEN/ADV-2009-0999	http://www.vupen.com/english/advisories/2009/0999
14	VUPEN/ADV-2009-1297	http://www.vupen.com/english/advisories/2009/1297

Change Log

No	Changed Details	Date of change
0	[2009年06月26日] 掲載 [2009年08月17日] 影響を受けるシステム：ヒューレット・パッカード (HPSBUX02437) の情報を追加ベンダ情報：ヒューレット・パッカード (HPSBUX02437) を追加 [2010年01月19日] 影響を受けるシステム：ミラクル・リナックス (1840) の情報を追加影響を受けるシステム：ミラクル・リナックス (1841) の情報を追加影響を受けるシステム：レッドハット (RHSA-2009:1651) の情報を追加ベンダ情報：ミラクル・リナックス (1840) を追加ベンダ情報：ミラクル・リナックス (1841) を追加ベンダ情報：レッドハット (RHSA-2009:1651) を追加 [2011年12月28日] 影響を受けるシステム：VMware (VMSA-2009-0016) の情報を追加影響を受けるシステム：オラクル (multiple_vulnerabilities_in_network_time) の情報を追加ベンダ情報：VMware (VMSA-2009-0016) を追加ベンダ情報：オラクル (multiple_vulnerabilities_in_network_time) を追加 [2012年03月27日] 影響を受けるシステム：オラクル (multiple_vulnerabilities_in_network_time) の情報を更新	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2009-0159

Summary	Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.
Summary	Desbordamiento de búfer basado en pila en la función cookedprint en ntpq/ntpq.c en ntpq en NTP versiones anteriores a v4.2.4p7-RC2 permite a servidores NTP remotos ejecutar código de su elección a través de respuestas manipuladas.
Publication Date	April 15, 2009, 12:30 a.m.
Registration Date	Jan. 29, 2021, 1:13 p.m.
Last Update	April 23, 2026, 9:35 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:ntp:ntp::rc1::::::*		4.2.4p7
cpe:2.3:a:ntp:ntp:4.0.72:::::::*
cpe:2.3:a:ntp:ntp:4.0.73:::::::*
cpe:2.3:a:ntp:ntp:4.0.90:::::::*
cpe:2.3:a:ntp:ntp:4.0.91:::::::*
cpe:2.3:a:ntp:ntp:4.0.92:::::::*
cpe:2.3:a:ntp:ntp:4.0.93:::::::*
cpe:2.3:a:ntp:ntp:4.0.94:::::::*
cpe:2.3:a:ntp:ntp:4.0.95:::::::*
cpe:2.3:a:ntp:ntp:4.0.96:::::::*
cpe:2.3:a:ntp:ntp:4.0.97:::::::*
cpe:2.3:a:ntp:ntp:4.0.98:::::::*
cpe:2.3:a:ntp:ntp:4.0.99:::::::*
cpe:2.3:a:ntp:ntp:4.1.0:::::::*
cpe:2.3:a:ntp:ntp:4.1.2:::::::*
cpe:2.3:a:ntp:ntp:4.2.0:::::::*
cpe:2.3:a:ntp:ntp:4.2.2:::::::*
cpe:2.3:a:ntp:ntp:4.2.2p1:::::::*
cpe:2.3:a:ntp:ntp:4.2.2p2:::::::*
cpe:2.3:a:ntp:ntp:4.2.2p3:::::::*
cpe:2.3:a:ntp:ntp:4.2.2p4:::::::*
cpe:2.3:a:ntp:ntp:4.2.4:::::::*
cpe:2.3:a:ntp:ntp:4.2.4p0:::::::*
cpe:2.3:a:ntp:ntp:4.2.4p1:::::::*
cpe:2.3:a:ntp:ntp:4.2.4p2:::::::*
cpe:2.3:a:ntp:ntp:4.2.4p3:::::::*
cpe:2.3:a:ntp:ntp:4.2.4p4:::::::*
cpe:2.3:a:ntp:ntp:4.2.4p5:::::::*
cpe:2.3:a:ntp:ntp:4.2.4p6:::::::*

Related information, measures and tools

No	URL	refsource
1	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-006.txt.asc	cve@mitre.org
2	http://bugs.pardus.org.tr/show_bug.cgi?id=9532	cve@mitre.org
3	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html	cve@mitre.org
4	http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html	cve@mitre.org
5	http://marc.info/?l=bugtraq&m=136482797910018&w=2	cve@mitre.org
6	http://ntp.bkbits.net:8080/ntp-stable/?PAGE=gnupatch&REV=1.1565	cve@mitre.org
7	http://osvdb.org/53593	cve@mitre.org
8	http://rhn.redhat.com/errata/RHSA-2009-1039.html	cve@mitre.org
9	http://rhn.redhat.com/errata/RHSA-2009-1040.html	cve@mitre.org
10	http://secunia.com/advisories/34608	cve@mitre.org
11	http://secunia.com/advisories/35074	cve@mitre.org
12	http://secunia.com/advisories/35137	cve@mitre.org
13	http://secunia.com/advisories/35138	cve@mitre.org
14	http://secunia.com/advisories/35166	cve@mitre.org
15	http://secunia.com/advisories/35169	cve@mitre.org
16	http://secunia.com/advisories/35253	cve@mitre.org
17	http://secunia.com/advisories/35308	cve@mitre.org
18	http://secunia.com/advisories/35336	cve@mitre.org
19	http://secunia.com/advisories/35416	cve@mitre.org
20	http://secunia.com/advisories/35630	cve@mitre.org
21	http://secunia.com/advisories/37471	cve@mitre.org
22	http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.566238	cve@mitre.org
23	http://support.apple.com/kb/HT3549	cve@mitre.org
24	http://www.debian.org/security/2009/dsa-1801	cve@mitre.org
25	http://www.gentoo.org/security/en/glsa/glsa-200905-08.xml	cve@mitre.org
26	http://www.mandriva.com/security/advisories?name=MDVSA-2009:092	cve@mitre.org
27	http://www.securityfocus.com/archive/1/507985/100/0/threaded	cve@mitre.org
28	http://www.securityfocus.com/bid/34481	cve@mitre.org
29	http://www.securitytracker.com/id?1022033	cve@mitre.org
30	http://www.us-cert.gov/cas/techalerts/TA09-133A.html	cve@mitre.org
31	http://www.vmware.com/security/advisories/VMSA-2009-0016.html	cve@mitre.org
32	http://www.vupen.com/english/advisories/2009/0999	cve@mitre.org
33	http://www.vupen.com/english/advisories/2009/1297	cve@mitre.org
34	http://www.vupen.com/english/advisories/2009/3316	cve@mitre.org
35	https://bugzilla.redhat.com/show_bug.cgi?id=490617	cve@mitre.org
36	https://exchange.xforce.ibmcloud.com/vulnerabilities/49838	cve@mitre.org
37	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19392	cve@mitre.org
38	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5411	cve@mitre.org
39	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8386	cve@mitre.org
40	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8665	cve@mitre.org
41	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9634	cve@mitre.org
42	https://rhn.redhat.com/errata/RHSA-2009-1651.html	cve@mitre.org
43	https://support.ntp.org/bugs/show_bug.cgi?id=1144	cve@mitre.org
44	https://usn.ubuntu.com/777-1/	cve@mitre.org
45	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01414.html	cve@mitre.org
46	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01449.html	cve@mitre.org
47	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-006.txt.asc	af854a3a-2127-422b-91ae-364da2661108
48	http://bugs.pardus.org.tr/show_bug.cgi?id=9532	af854a3a-2127-422b-91ae-364da2661108
49	http://lists.apple.com/archives/security-announce/2009/May/msg00002.html	af854a3a-2127-422b-91ae-364da2661108
50	http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html	af854a3a-2127-422b-91ae-364da2661108
51	http://marc.info/?l=bugtraq&m=136482797910018&w=2	af854a3a-2127-422b-91ae-364da2661108
52	http://ntp.bkbits.net:8080/ntp-stable/?PAGE=gnupatch&REV=1.1565	af854a3a-2127-422b-91ae-364da2661108
53	http://osvdb.org/53593	af854a3a-2127-422b-91ae-364da2661108
54	http://rhn.redhat.com/errata/RHSA-2009-1039.html	af854a3a-2127-422b-91ae-364da2661108
55	http://rhn.redhat.com/errata/RHSA-2009-1040.html	af854a3a-2127-422b-91ae-364da2661108
56	http://secunia.com/advisories/34608	af854a3a-2127-422b-91ae-364da2661108
57	http://secunia.com/advisories/35074	af854a3a-2127-422b-91ae-364da2661108
58	http://secunia.com/advisories/35137	af854a3a-2127-422b-91ae-364da2661108
59	http://secunia.com/advisories/35138	af854a3a-2127-422b-91ae-364da2661108
60	http://secunia.com/advisories/35166	af854a3a-2127-422b-91ae-364da2661108
61	http://secunia.com/advisories/35169	af854a3a-2127-422b-91ae-364da2661108
62	http://secunia.com/advisories/35253	af854a3a-2127-422b-91ae-364da2661108
63	http://secunia.com/advisories/35308	af854a3a-2127-422b-91ae-364da2661108
64	http://secunia.com/advisories/35336	af854a3a-2127-422b-91ae-364da2661108
65	http://secunia.com/advisories/35416	af854a3a-2127-422b-91ae-364da2661108
66	http://secunia.com/advisories/35630	af854a3a-2127-422b-91ae-364da2661108
67	http://secunia.com/advisories/37471	af854a3a-2127-422b-91ae-364da2661108
68	http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.566238	af854a3a-2127-422b-91ae-364da2661108
69	http://support.apple.com/kb/HT3549	af854a3a-2127-422b-91ae-364da2661108
70	http://www.debian.org/security/2009/dsa-1801	af854a3a-2127-422b-91ae-364da2661108
71	http://www.gentoo.org/security/en/glsa/glsa-200905-08.xml	af854a3a-2127-422b-91ae-364da2661108
72	http://www.mandriva.com/security/advisories?name=MDVSA-2009:092	af854a3a-2127-422b-91ae-364da2661108
73	http://www.securityfocus.com/archive/1/507985/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108
74	http://www.securityfocus.com/bid/34481	af854a3a-2127-422b-91ae-364da2661108
75	http://www.securitytracker.com/id?1022033	af854a3a-2127-422b-91ae-364da2661108
76	http://www.us-cert.gov/cas/techalerts/TA09-133A.html	af854a3a-2127-422b-91ae-364da2661108
77	http://www.vmware.com/security/advisories/VMSA-2009-0016.html	af854a3a-2127-422b-91ae-364da2661108
78	http://www.vupen.com/english/advisories/2009/0999	af854a3a-2127-422b-91ae-364da2661108
79	http://www.vupen.com/english/advisories/2009/1297	af854a3a-2127-422b-91ae-364da2661108
80	http://www.vupen.com/english/advisories/2009/3316	af854a3a-2127-422b-91ae-364da2661108
81	https://bugzilla.redhat.com/show_bug.cgi?id=490617	af854a3a-2127-422b-91ae-364da2661108
82	https://exchange.xforce.ibmcloud.com/vulnerabilities/49838	af854a3a-2127-422b-91ae-364da2661108
83	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19392	af854a3a-2127-422b-91ae-364da2661108
84	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5411	af854a3a-2127-422b-91ae-364da2661108
85	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8386	af854a3a-2127-422b-91ae-364da2661108
86	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8665	af854a3a-2127-422b-91ae-364da2661108
87	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9634	af854a3a-2127-422b-91ae-364da2661108
88	https://rhn.redhat.com/errata/RHSA-2009-1651.html	af854a3a-2127-422b-91ae-364da2661108
89	https://support.ntp.org/bugs/show_bug.cgi?id=1144	af854a3a-2127-422b-91ae-364da2661108
90	https://usn.ubuntu.com/777-1/	af854a3a-2127-422b-91ae-364da2661108
91	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01414.html	af854a3a-2127-422b-91ae-364da2661108
92	https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01449.html	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-119	バッファエラー	https://cwe.mitre.org/data/definitions/118.html

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:ntp:ntp::rc1::::::*		4.2.4p7
cpe:2.3:a:ntp:ntp:4.0.72:::::::*
cpe:2.3:a:ntp:ntp:4.0.73:::::::*
cpe:2.3:a:ntp:ntp:4.0.90:::::::*
cpe:2.3:a:ntp:ntp:4.0.91:::::::*
cpe:2.3:a:ntp:ntp:4.0.92:::::::*
cpe:2.3:a:ntp:ntp:4.0.93:::::::*
cpe:2.3:a:ntp:ntp:4.0.94:::::::*
cpe:2.3:a:ntp:ntp:4.0.95:::::::*
cpe:2.3:a:ntp:ntp:4.0.96:::::::*
cpe:2.3:a:ntp:ntp:4.0.97:::::::*
cpe:2.3:a:ntp:ntp:4.0.98:::::::*
cpe:2.3:a:ntp:ntp:4.0.99:::::::*
cpe:2.3:a:ntp:ntp:4.1.0:::::::*
cpe:2.3:a:ntp:ntp:4.1.2:::::::*
cpe:2.3:a:ntp:ntp:4.2.0:::::::*
cpe:2.3:a:ntp:ntp:4.2.2:::::::*
cpe:2.3:a:ntp:ntp:4.2.2p1:::::::*
cpe:2.3:a:ntp:ntp:4.2.2p2:::::::*
cpe:2.3:a:ntp:ntp:4.2.2p3:::::::*
cpe:2.3:a:ntp:ntp:4.2.2p4:::::::*
cpe:2.3:a:ntp:ntp:4.2.4:::::::*
cpe:2.3:a:ntp:ntp:4.2.4p0:::::::*
cpe:2.3:a:ntp:ntp:4.2.4p1:::::::*
cpe:2.3:a:ntp:ntp:4.2.4p2:::::::*
cpe:2.3:a:ntp:ntp:4.2.4p3:::::::*
cpe:2.3:a:ntp:ntp:4.2.4p4:::::::*
cpe:2.3:a:ntp:ntp:4.2.4p5:::::::*
cpe:2.3:a:ntp:ntp:4.2.4p6:::::::*