Metric | Value |
---|---|
CVSS2 score | 5 Medium |
Access Vector | NETWORK |
Access Complexity | LOW |
Authentication | NONE |
Confidentiality Impact | NONE |
Integrity Impact | NONE |
Availability Impact | PARTIAL |
CVSS2 vector | AV:N/AC:L/Au:N/C:N/I:N/A:P |
EPSS | 0.967 High |
EPSS percentile | 99.6% |

The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows
remote attackers to cause a denial of service (traffic amplification) via
forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited
in the wild in December 2013.
Author | Note |
---|---|
mdeslaur | default ntp.conf in Ubuntu contains noquery, so monlist is disabled by default. Sites that need monlist should restrict it from known trusted IPs. Upstream has removed monlist in favour of mrulist. This is too intrusive to backport, so we’re going to ignore this. |
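
One way to check an ntp.conf for the condition the note describes, as an added example that is not part of the tracker entry or of ntpd: it reports which default `restrict` entries still allow queries and which hosts are exempted from `noquery`. Assumptions: the sample configs are constructed, the `ignore` flag and `disable monitor` are ntp.conf options not mentioned on this page, and a `default` entry without `-4`/`-6` is treated as covering both address families.

```python
# Constructed sample: both default entries carry noquery.
SAMPLE_SAFE = """\
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify nopeer noquery
restrict 127.0.0.1
restrict ::1
"""

# Constructed sample: the IPv6 default entry lacks noquery.
SAMPLE_OPEN = """\
restrict -4 default kod notrap nomodify nopeer noquery
restrict -6 default kod notrap nomodify
restrict 192.0.2.10 nomodify
"""

BLOCKING = {"noquery", "ignore"}  # flags that refuse ntpq/ntpdc queries

def audit_ntp_conf(text):
    """Return (families whose default allows queries,
    hosts exempted from noquery, whether monitoring is disabled)."""
    defaults = {}   # address family -> True when the default entry blocks queries
    allowed = []    # non-default entries that may still send queries
    monitor_disabled = False
    for raw in text.splitlines():
        tok = raw.split("#", 1)[0].split()   # drop comments, tokenize
        if not tok:
            continue
        if tok[0] == "disable" and "monitor" in tok[1:]:
            monitor_disabled = True          # assumption: option not on the page
        if tok[0] != "restrict":
            continue
        args = tok[1:]
        fams = ["4", "6"]                    # assumption: unqualified covers both
        if args and args[0] in ("-4", "-6"):
            fams, args = [args[0][1]], args[1:]
        if not args:
            continue
        addr, flags = args[0], set(args[1:])
        blocked = bool(flags & BLOCKING)
        if addr == "default":
            defaults.update({f: blocked for f in fams})
        elif not blocked:
            allowed.append(addr)
    # A family with no default entry at all is treated as unrestricted.
    open_fams = [f for f in ("4", "6") if not defaults.get(f, False)]
    return open_fams, allowed, monitor_disabled

def monlist_reachable(text):
    """True when some address family can query and monitoring is still on."""
    open_fams, _, monitor_disabled = audit_ntp_conf(text)
    return bool(open_fams) and not monitor_disabled
```

The second element of the result is the list to review against the note's advice that query access be limited to known trusted IPs.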