← Back

CVE-2013-5211

nvd nist
Published: Jan 2, 2014Modified: Apr 29, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:N/A:P
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.

Affected (31)

Products: Opensuse: Opensuse · Ntp: Ntp · Oracle: Linux
Opensuse
1 product
Opensuse
Ntp
1 product
Ntp
Oracle
1 product
Linux
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Opensuse
Version 11.4
Configuration B
28 vulnerable
Vulnerable SoftwareAffected Versions
Ntp
Ntp
Before 4.2.7
Ntp
Version 4.2.7
Ntp
Version 4.2.7 p0
Ntp
Version 4.2.7 p10
Ntp
Version 4.2.7 p11
Ntp
Version 4.2.7 p12
Ntp
Version 4.2.7 p13
Ntp
Version 4.2.7 p14
Ntp
Version 4.2.7 p15
Ntp
Version 4.2.7 p16
Ntp
Version 4.2.7 p17
Ntp
Version 4.2.7 p18
Ntp
Version 4.2.7 p19
Ntp
Version 4.2.7 p1
Ntp
Version 4.2.7 p20
Ntp
Version 4.2.7 p21
Ntp
Version 4.2.7 p22
Ntp
Version 4.2.7 p23
Ntp
Version 4.2.7 p24
Ntp
Version 4.2.7 p25
Ntp
Version 4.2.7 p2
Ntp
Version 4.2.7 p3
Ntp
Version 4.2.7 p4
Ntp
Version 4.2.7 p5
Ntp
Version 4.2.7 p6
Ntp
Version 4.2.7 p7
Ntp
Version 4.2.7 p8
Ntp
Version 4.2.7 p9
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Oracle
Linux
Version 6
Linux
Version 7

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (42)

Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Issue Tracking
Source: cve@mitre.org
Third Party AdvisoryUS Government Resource
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Mailing List
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing List
Source: cve@mitre.org
Mailing List
Source: cve@mitre.org
Not Applicable
Source: cve@mitre.org
Not Applicable
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Third Party AdvisoryUS Government Resource
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Broken LinkThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Third Party AdvisoryUS Government Resource
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link

Timeline

No history available yet.