[Bug 1268543] [NEW] CVE-2013-5211 ntp DDos

Matteo Bertini matteob at naufraghi.net
Mon Jan 13 10:36:43 UTC 2014


Public bug reported:

The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26
allows remote attackers to cause a denial of service (traffic
amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1
requests, as exploited in the wild in December 2013.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211

http://bugs.ntp.org/show_bug.cgi?id=1532

** Affects: ntp (Ubuntu)
     Importance: Undecided
         Status: New

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-5211

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1268543

Title:
  CVE-2013-5211 ntp DDos

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1268543/+subscriptions



More information about the Ubuntu-server-bugs mailing list