The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows
remote attackers to cause a denial of service (traffic amplification) via
forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited
in the wild in December 2013.

Bugs

<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733940>
<http://bugs.ntp.org/show_bug.cgi?id=1532>
<https://bugs.launchpad.net/debian/+source/ntp/+bug/1268543>

Notes

Author	Note
mdeslaur	default ntp.conf in Ubuntu contains noquery, so monlist is disabled by default. Sites that need monlist should restrict it from known trusted IPs. Upstream has removed monlist in favour of mrulist. This is too intrusive to backport, so we’re going to ignore this.

References

lists.ntp.org/pipermail/pool/2011-December/005616.html

openwall.com/lists/oss-security/2013/12/30/6

launchpad.net/bugs/cve/CVE-2013-5211

nvd.nist.gov/vuln/detail/CVE-2013-5211

security-tracker.debian.org/tracker/CVE-2013-5211

www.cve.org/CVERecord?id=CVE-2013-5211

nessus 34

threatpost 4

securityvulns 3

checkpoint_advisories 1

suse 1

zdt 1

ibm 9

cert 1

freebsd 1

exploitpack 1

packetstorm 1

openvas 16

f5 2

mageia 1

aix 1

amazon 2

checkpoint_security 1

fortinet 1

thn 1

metasploit 1

gentoo 1

freebsd_advisory 1

ics 1

slackware 1

prion 1

oraclelinux 5

cve 1

debiancve 1

exploitdb 1

vmware 2

nessus

AIX 6.1 TL 8 : ntp (IV58068)

2014-06-17 00:00:00

Oracle Linux 7 : ntp (ELSA-2016-3612)

2016-09-13 00:00:00

AIX 6.1 TL 7 : ntp (IV58413)

2014-06-17 00:00:00

threatpost

Volume of NTP Amplification Attacks Getting Louder

2014-04-29 13:03:29

NTP Amplification Blamed for 400 Gbps DDoS Attack

2014-02-11 12:21:35

PointDNS Recovers from Massive DDoS Attack

2014-05-12 15:35:26

securityvulns

ntp traffic amplification

2014-01-14 00:00:00

[security bulletin] HPSBUX02960 SSRT101419 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS)

2014-01-14 00:00:00

TA14-013A: NTP Amplification Attacks Using CVE-2013-5211

2014-01-14 00:00:00

checkpoint_advisories

NTP Servers Monlist Command Denial of Service (CVE-2013-5211)

2014-01-19 00:00:00

suse

DDoS reflection attacks in ntp

2014-01-20 17:05:38

zdt

NTP ntpd monlist Query Reflection - Denial of Service

2014-04-29 00:00:00

ibm

Security Bulletin: NTP vulnerability in Network Intrusion Prevention System (CVE-2013-5211)

2022-02-23 19:48:26

Security Bulletin: The IBM Chassis Management Module (CMM) is affected by a vulnerability in NTP server (CVE-2013-5211)

2019-01-31 01:25:01

Security Bulletin: IBM Flex System Manager (FSM) is affected by vulnerability (CVE-2013-5211)

2019-01-31 01:25:01

cert

NTP can be abused to amplify denial-of-service attack traffic

2014-01-10 00:00:00

freebsd

ntpd DRDoS / Amplification Attack using ntpdc monlist command

2014-01-01 00:00:00

exploitpack

NTP ntpd monlist Query Reflection - Denial of Service

2014-04-28 00:00:00

packetstorm

NTP Amplification Denial Of Service Tool

2014-07-16 00:00:00

openvas

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2020-1314)

2020-03-24 00:00:00

Juniper Networks Junos OS NTP Server Amplification Denial of Service Vulnerability

2014-07-31 00:00:00

SUSE: Security Advisory (SUSE-SU-2014:0937-1)

2021-06-09 00:00:00

SOL15154 - NTP vulnerability CVE-2013-5211

2014-04-10 00:00:00

K15154 : NTP vulnerability CVE-2013-5211

2014-04-10 00:00:00

mageia

Updated ntp packages work around security vulnerability

2014-01-31 20:44:56

aix

Network Time Protocol (NTP) vulnerability in AIX,Network Time Protocol (NTP) vulnerability in VIOS

2014-06-12 16:24:51

amazon

Medium: ntp

2021-09-08 23:35:00

Medium: ntp

2018-05-10 17:01:00

checkpoint_security

Blocking NTP access on Gaia OS / IPSO OS (CVE-2013-5211)

2014-03-01 22:00:00

fortinet

FortiAnalyzer could potentially be used in NTP amplification attacks

2020-06-22 00:00:00

thn

Abusing Network Time Protocol (NTP) to perform massive Reflection DDoS attack

2014-01-02 20:25:00

metasploit

NTP Monitor List Scanner

2010-01-27 23:25:17

gentoo

NTP: Traffic amplification

2014-01-16 00:00:00

freebsd_advisory

FreeBSD-SA-14:02.ntpd

2014-01-14 00:00:00

ics

NTP Reflection Attack

2018-09-06 12:00:00

slackware

ntp

2014-02-13 16:38:35

prion

Security feature bypass

2014-01-02 14:59:00

oraclelinux

ntp security update

2016-09-09 00:00:00

ntp security update

2016-09-09 00:00:00

ntp security update

2018-12-19 00:00:00

cve

CVE-2013-5211

2014-01-02 14:59:00

debiancve

CVE-2013-5211

2014-01-02 14:59:00

exploitdb

NTP ntpd monlist Query Reflection - Denial of Service

2014-04-28 00:00:00

vmware

VMware vSphere updates to third party libraries

2014-03-11 00:00:00

VMware vSphere updates to third party libraries

2014-03-11 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.967 High

EPSS

Percentile

99.6%

JSON

Related for UB:CVE-2013-5211