CVE-2009-0159 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2009-0159 Interim 1 22 2025-03-25T02:06:22Z current 2021-05-30T12:45:34Z 2025-03-25T02:06:22Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2009-0159 Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XG7W4F6TFEUMKVXY6VY2PAQ2US2DKGEG/#XG7W4F6TFEUMKVXY6VY2PAQ2US2DKGEG E-Mail link for SUSE-SR:2009:011 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Legacy 15 SP1 SUSE Linux Enterprise Module for Legacy 15 SP2 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Module for Legacy 15 SUSE Linux Enterprise Module for Legacy 15 SP1 SUSE Linux Enterprise Module for Legacy 15 SP2 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Module for Legacy 15 SUSE Linux Enterprise Module for Legacy 15 SP1 SUSE Linux Enterprise Module for Legacy 15 SP2 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Module for Legacy 15 SUSE Linux Enterprise Module for Legacy 15 SP1 SUSE Linux Enterprise Module for Legacy 15 SP2 SUSE Linux Enterprise Module for Legacy 15 SP1 SUSE Linux Enterprise Module for Legacy 15 SP2 SUSE Linux Enterprise Module for Legacy 15 SP1 SUSE Linux Enterprise Module for Legacy 15 SP2 SUSE Linux Enterprise Module for Legacy 15 SP1 SUSE Linux Enterprise Module for Legacy 15 SP2 SUSE OpenStack Cloud 6 openSUSE Tumbleweed ntp-4.2.4p6-1.17.1 ntp-4.2.4p8-1.16.1 ntp-4.2.4p8-1.22.1 ntp-4.2.4p8-1.3.28 ntp-4.2.6p5-24.3 ntp-4.2.8p10-63.3 ntp-4.2.8p11-2.12 ntp-4.2.8p12-64.8.2 ntp-4.2.8p13-4.6.1 ntp-4.2.8p13-85.1 ntp-4.2.8p2-2.18 ntp-4.2.8p4-1.3 ntp-4.2.8p8-14.1 ntp-4.2.8p9-1.1 ntp-doc-4.2.4p6-1.17.1 ntp-doc-4.2.4p8-1.16.1 ntp-doc-4.2.4p8-1.22.1 ntp-doc-4.2.4p8-1.3.28 ntp-doc-4.2.6p5-24.3 ntp-doc-4.2.8p10-63.3 ntp-doc-4.2.8p12-64.8.2 ntp-doc-4.2.8p13-85.1 ntp-doc-4.2.8p2-2.18 ntp-doc-4.2.8p4-1.3 ntp-doc-4.2.8p8-14.1 ntp-doc-4.2.8p9-1.1 ntp-4.2.6p5-24.3 as a component of SUSE Linux Enterprise Desktop 12 ntp-doc-4.2.6p5-24.3 as a component of SUSE Linux Enterprise Desktop 12 ntp-4.2.8p4-1.3 as a component of SUSE Linux Enterprise Desktop 12 SP1 ntp-doc-4.2.8p4-1.3 as a component of SUSE Linux Enterprise Desktop 12 SP1 ntp-4.2.8p8-14.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 ntp-doc-4.2.8p8-14.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 ntp-4.2.8p10-63.3 as a component of SUSE Linux Enterprise Desktop 12 SP3 ntp-doc-4.2.8p10-63.3 as a component of SUSE Linux Enterprise Desktop 12 SP3 ntp-4.2.8p12-64.8.2 as a component of SUSE Linux Enterprise Desktop 12 SP4 ntp-doc-4.2.8p12-64.8.2 as a component of SUSE Linux Enterprise Desktop 12 SP4 ntp-4.2.8p13-85.1 as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 ntp-doc-4.2.8p13-85.1 as a component of SUSE Linux Enterprise High Performance Computing 12 SP5 ntp-4.2.8p11-2.12 as a component of SUSE Linux Enterprise Module for Legacy 15 ntp-4.2.8p13-4.6.1 as a component of SUSE Linux Enterprise Module for Legacy 15 SP1 ntp-4.2.8p13-4.6.1 as a component of SUSE Linux Enterprise Module for Legacy 15 SP2 ntp-4.2.4p6-1.17.1 as a component of SUSE Linux Enterprise Server 11 ntp-doc-4.2.4p6-1.17.1 as a component of SUSE Linux Enterprise Server 11 ntp-4.2.4p8-1.3.28 as a component of SUSE Linux Enterprise Server 11 SP1 ntp-doc-4.2.4p8-1.3.28 as a component of SUSE Linux Enterprise Server 11 SP1 ntp-4.2.4p8-1.16.1 as a component of SUSE Linux Enterprise Server 11 SP2 ntp-doc-4.2.4p8-1.16.1 as a component of SUSE Linux Enterprise Server 11 SP2 ntp-4.2.4p8-1.22.1 as a component of SUSE Linux Enterprise Server 11 SP3 ntp-doc-4.2.4p8-1.22.1 as a component of SUSE Linux Enterprise Server 11 SP3 ntp-4.2.8p2-2.18 as a component of SUSE Linux Enterprise Server 11 SP4 ntp-doc-4.2.8p2-2.18 as a component of SUSE Linux Enterprise Server 11 SP4 ntp-4.2.6p5-24.3 as a component of SUSE Linux Enterprise Server 12 ntp-doc-4.2.6p5-24.3 as a component of SUSE Linux Enterprise Server 12 ntp-4.2.8p4-1.3 as a component of SUSE Linux Enterprise Server 12 SP1 ntp-doc-4.2.8p4-1.3 as a component of SUSE Linux Enterprise Server 12 SP1 ntp-4.2.8p8-14.1 as a component of SUSE Linux Enterprise Server 12 SP2 ntp-doc-4.2.8p8-14.1 as a component of SUSE Linux Enterprise Server 12 SP2 ntp-4.2.8p10-63.3 as a component of SUSE Linux Enterprise Server 12 SP3 ntp-doc-4.2.8p10-63.3 as a component of SUSE Linux Enterprise Server 12 SP3 ntp-4.2.8p12-64.8.2 as a component of SUSE Linux Enterprise Server 12 SP4 ntp-doc-4.2.8p12-64.8.2 as a component of SUSE Linux Enterprise Server 12 SP4 ntp-4.2.8p13-85.1 as a component of SUSE Linux Enterprise Server 12 SP5 ntp-doc-4.2.8p13-85.1 as a component of SUSE Linux Enterprise Server 12 SP5 ntp-4.2.8p8-14.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 ntp-doc-4.2.8p8-14.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 ntp-4.2.4p6-1.17.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 ntp-doc-4.2.4p6-1.17.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 ntp-4.2.8p13-85.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 ntp-doc-4.2.8p13-85.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP5 ntp-4.2.8p4-1.3 as a component of SUSE OpenStack Cloud 6 ntp-4.2.8p9-1.1 as a component of openSUSE Tumbleweed ntp-doc-4.2.8p9-1.1 as a component of openSUSE Tumbleweed Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response. CVE-2009-0159 SUSE Linux Enterprise Desktop 12:ntp-4.2.6p5-24.3 SUSE Linux Enterprise Desktop 12:ntp-doc-4.2.6p5-24.3 SUSE Linux Enterprise Desktop 12 SP1:ntp-4.2.8p4-1.3 SUSE Linux Enterprise Desktop 12 SP1:ntp-doc-4.2.8p4-1.3 SUSE Linux Enterprise Desktop 12 SP2:ntp-4.2.8p8-14.1 SUSE Linux Enterprise Desktop 12 SP2:ntp-doc-4.2.8p8-14.1 SUSE Linux Enterprise Desktop 12 SP3:ntp-4.2.8p10-63.3 SUSE Linux Enterprise Desktop 12 SP3:ntp-doc-4.2.8p10-63.3 SUSE Linux Enterprise Desktop 12 SP4:ntp-4.2.8p12-64.8.2 SUSE Linux Enterprise Desktop 12 SP4:ntp-doc-4.2.8p12-64.8.2 SUSE Linux Enterprise High Performance Computing 12 SP5:ntp-4.2.8p13-85.1 SUSE Linux Enterprise High Performance Computing 12 SP5:ntp-doc-4.2.8p13-85.1 SUSE Linux Enterprise Module for Legacy 15:ntp-4.2.8p11-2.12 SUSE Linux Enterprise Module for Legacy 15 SP1:ntp-4.2.8p13-4.6.1 SUSE Linux Enterprise Module for Legacy 15 SP2:ntp-4.2.8p13-4.6.1 SUSE Linux Enterprise Server 11:ntp-4.2.4p6-1.17.1 SUSE Linux Enterprise Server 11:ntp-doc-4.2.4p6-1.17.1 SUSE Linux Enterprise Server 11 SP1:ntp-4.2.4p8-1.3.28 SUSE Linux Enterprise Server 11 SP1:ntp-doc-4.2.4p8-1.3.28 SUSE Linux Enterprise Server 11 SP2:ntp-4.2.4p8-1.16.1 SUSE Linux Enterprise Server 11 SP2:ntp-doc-4.2.4p8-1.16.1 SUSE Linux Enterprise Server 11 SP3:ntp-4.2.4p8-1.22.1 SUSE Linux Enterprise Server 11 SP3:ntp-doc-4.2.4p8-1.22.1 SUSE Linux Enterprise Server 11 SP4:ntp-4.2.8p2-2.18 SUSE Linux Enterprise Server 11 SP4:ntp-doc-4.2.8p2-2.18 SUSE Linux Enterprise Server 12:ntp-4.2.6p5-24.3 SUSE Linux Enterprise Server 12:ntp-doc-4.2.6p5-24.3 SUSE Linux Enterprise Server 12 SP1:ntp-4.2.8p4-1.3 SUSE Linux Enterprise Server 12 SP1:ntp-doc-4.2.8p4-1.3 SUSE Linux Enterprise Server 12 SP2:ntp-4.2.8p8-14.1 SUSE Linux Enterprise Server 12 SP2:ntp-doc-4.2.8p8-14.1 SUSE Linux Enterprise Server 12 SP3:ntp-4.2.8p10-63.3 SUSE Linux Enterprise Server 12 SP3:ntp-doc-4.2.8p10-63.3 SUSE Linux Enterprise Server 12 SP4:ntp-4.2.8p12-64.8.2 SUSE Linux Enterprise Server 12 SP4:ntp-doc-4.2.8p12-64.8.2 SUSE Linux Enterprise Server 12 SP5:ntp-4.2.8p13-85.1 SUSE Linux Enterprise Server 12 SP5:ntp-doc-4.2.8p13-85.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:ntp-4.2.8p8-14.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:ntp-doc-4.2.8p8-14.1 SUSE Linux Enterprise Server for SAP Applications 11:ntp-4.2.4p6-1.17.1 SUSE Linux Enterprise Server for SAP Applications 11:ntp-doc-4.2.4p6-1.17.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:ntp-4.2.8p13-85.1 SUSE Linux Enterprise Server for SAP Applications 12 SP5:ntp-doc-4.2.8p13-85.1 SUSE OpenStack Cloud 6:ntp-4.2.8p4-1.3 openSUSE Tumbleweed:ntp-4.2.8p9-1.1 openSUSE Tumbleweed:ntp-doc-4.2.8p9-1.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P