CVE-2013-5211

Published: 02 January 2014

The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.

Priority

Low

Status

Package Release Status
ntp
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Ignored

Notes

AuthorNote
mdeslaur
default ntp.conf in Ubuntu contains noquery, so monlist is
disabled by default. Sites that need monlist should restrict it
from known trusted IPs. Upstream has removed monlist in favour
of mrulist. This is too intrusive to backport, so we're going to
ignore this.

References

Bugs