Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-7wax-ejgw-gfaj
Vulnerability ID VCID-7wax-ejgw-gfaj
Aliases CVE-2009-3563
Summary A Denial of Service condition in ntpd can cause excessive CPU or bandwidth consumption.
Status Published
Exploitability 2.0
Weighted Severity 0.7
Risk 1.4
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.79631 https://api.first.org/data/v1/epss?cve=CVE-2009-3563
epss 0.79631 https://api.first.org/data/v1/epss?cve=CVE-2009-3563
epss 0.79631 https://api.first.org/data/v1/epss?cve=CVE-2009-3563
epss 0.79631 https://api.first.org/data/v1/epss?cve=CVE-2009-3563
epss 0.79631 https://api.first.org/data/v1/epss?cve=CVE-2009-3563
epss 0.79631 https://api.first.org/data/v1/epss?cve=CVE-2009-3563
epss 0.79631 https://api.first.org/data/v1/epss?cve=CVE-2009-3563
epss 0.79631 https://api.first.org/data/v1/epss?cve=CVE-2009-3563
epss 0.79631 https://api.first.org/data/v1/epss?cve=CVE-2009-3563
epss 0.79631 https://api.first.org/data/v1/epss?cve=CVE-2009-3563
epss 0.79631 https://api.first.org/data/v1/epss?cve=CVE-2009-3563
epss 0.79631 https://api.first.org/data/v1/epss?cve=CVE-2009-3563
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3563.json
https://api.first.org/data/v1/epss?cve=CVE-2009-3563
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563
531213 https://bugzilla.redhat.com/show_bug.cgi?id=531213
560074 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074
GLSA-201001-01 https://security.gentoo.org/glsa/201001-01
RHSA-2009:1648 https://access.redhat.com/errata/RHSA-2009:1648
RHSA-2009:1651 https://access.redhat.com/errata/RHSA-2009:1651
USN-867-1 https://usn.ubuntu.com/867-1/
Data source Metasploit
Description This module exploits a denial of service vulnerability within the NTP (network time protocol) demon. By sending a single packet to a vulnerable ntpd server (Victim A), spoofed from the IP address of another vulnerable ntpd server (Victim B), both victims will enter an infinite response loop. Note, unless you control the spoofed source host or the real remote host(s), you will not be able to halt the DoS condition once begun!
Note 
Stability:
  - crash-service-down
SideEffects: []
Reliability: []
Ransomware campaign use Unknown
Source publication date Oct. 4, 2009
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/dos/ntp/ntpd_reserved_dos.rb
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.99083
EPSS Score 0.79631
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:10:08.310981+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/201001-01 38.0.0