The “monlist” command of the NTP protocol is currently abused in a DDoS reflection attack. This is done by spoofing packets from addresses to which the attack is directed to. The ntp installations itself are not target of the attack, but they are part of the DDoS network which the attacker is driving. It is therefore necessary to restrict ntp configurations to not answer spoofed “monlist” requests. It is not necessary to update the ntp software itself.

Solution

To ensure that your ntpd installation can not participate in a DDoS attack, add the following line to your configuration: restrict default noquery

nessus 34

threatpost 4

checkpoint_advisories 1

zdt 1

securityvulns 3

ibm 9

cert 1

freebsd 1

exploitpack 1

packetstorm 1

openvas 16

f5 2

mageia 1

aix 1

amazon 2

checkpoint_security 1

fortinet 1

thn 1

ubuntucve 1

metasploit 1

ics 1

gentoo 1

freebsd_advisory 1

slackware 1

prion 1

oraclelinux 5

cve 1

debiancve 1

exploitdb 1

vmware 2

nessus

AIX 6.1 TL 8 : ntp (IV58068)

2014-06-17 00:00:00

Oracle Linux 7 : ntp (ELSA-2016-3612)

2016-09-13 00:00:00

AIX 6.1 TL 7 : ntp (IV58413)

2014-06-17 00:00:00

threatpost

Volume of NTP Amplification Attacks Getting Louder

2014-04-29 13:03:29

NTP Amplification Blamed for 400 Gbps DDoS Attack

2014-02-11 12:21:35

PointDNS Recovers from Massive DDoS Attack

2014-05-12 15:35:26

checkpoint_advisories

NTP Servers Monlist Command Denial of Service (CVE-2013-5211)

2014-01-19 00:00:00

zdt

NTP ntpd monlist Query Reflection - Denial of Service

2014-04-29 00:00:00

securityvulns

ntp traffic amplification

2014-01-14 00:00:00

[security bulletin] HPSBUX02960 SSRT101419 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS)

2014-01-14 00:00:00

TA14-013A: NTP Amplification Attacks Using CVE-2013-5211

2014-01-14 00:00:00

ibm

Security Bulletin: NTP vulnerability in Network Intrusion Prevention System (CVE-2013-5211)

2022-02-23 19:48:26

Security Bulletin: The IBM Chassis Management Module (CMM) is affected by a vulnerability in NTP server (CVE-2013-5211)

2019-01-31 01:25:01

Security Bulletin: IBM Flex System Manager (FSM) is affected by vulnerability (CVE-2013-5211)

2019-01-31 01:25:01

cert

NTP can be abused to amplify denial-of-service attack traffic

2014-01-10 00:00:00

freebsd

ntpd DRDoS / Amplification Attack using ntpdc monlist command

2014-01-01 00:00:00

exploitpack

NTP ntpd monlist Query Reflection - Denial of Service

2014-04-28 00:00:00

packetstorm

NTP Amplification Denial Of Service Tool

2014-07-16 00:00:00

openvas

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2020-1314)

2020-03-24 00:00:00

Juniper Networks Junos OS NTP Server Amplification Denial of Service Vulnerability

2014-07-31 00:00:00

SUSE: Security Advisory (SUSE-SU-2014:0937-1)

2021-06-09 00:00:00

SOL15154 - NTP vulnerability CVE-2013-5211

2014-04-10 00:00:00

K15154 : NTP vulnerability CVE-2013-5211

2014-04-10 00:00:00

mageia

Updated ntp packages work around security vulnerability

2014-01-31 20:44:56

aix

Network Time Protocol (NTP) vulnerability in AIX,Network Time Protocol (NTP) vulnerability in VIOS

2014-06-12 16:24:51

amazon

Medium: ntp

2021-09-08 23:35:00

Medium: ntp

2018-05-10 17:01:00

checkpoint_security

Blocking NTP access on Gaia OS / IPSO OS (CVE-2013-5211)

2014-03-01 22:00:00

fortinet

FortiAnalyzer could potentially be used in NTP amplification attacks

2020-06-22 00:00:00

thn

Abusing Network Time Protocol (NTP) to perform massive Reflection DDoS attack

2014-01-02 20:25:00

ubuntucve

CVE-2013-5211

2014-01-02 00:00:00

metasploit

NTP Monitor List Scanner

2010-01-27 23:25:17

ics

NTP Reflection Attack

2018-09-06 12:00:00

gentoo

NTP: Traffic amplification

2014-01-16 00:00:00

freebsd_advisory

FreeBSD-SA-14:02.ntpd

2014-01-14 00:00:00

slackware

ntp

2014-02-13 16:38:35

prion

Security feature bypass

2014-01-02 14:59:00

oraclelinux

ntp security update

2016-09-09 00:00:00

ntp security update

2016-09-09 00:00:00

ntp security update

2018-12-19 00:00:00

cve

CVE-2013-5211

2014-01-02 14:59:00

debiancve

CVE-2013-5211

2014-01-02 14:59:00

exploitdb

NTP ntpd monlist Query Reflection - Denial of Service

2014-04-28 00:00:00

vmware

VMware vSphere updates to third party libraries

2014-03-11 00:00:00

VMware vSphere updates to third party libraries

2014-03-11 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

0.966 High

EPSS

Percentile

99.5%

JSON

Related for SUSE-SA:2014:001