First published: Thu Jan 02 2014(Updated: )
The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
openSUSE openSUSE | =11.4 | |
NTP ntp | <4.2.7 | |
NTP ntp | =4.2.7 | |
NTP ntp | =4.2.7-p0 | |
NTP ntp | =4.2.7-p1 | |
NTP ntp | =4.2.7-p10 | |
NTP ntp | =4.2.7-p11 | |
NTP ntp | =4.2.7-p12 | |
NTP ntp | =4.2.7-p13 | |
NTP ntp | =4.2.7-p14 | |
NTP ntp | =4.2.7-p15 | |
NTP ntp | =4.2.7-p16 | |
NTP ntp | =4.2.7-p17 | |
NTP ntp | =4.2.7-p18 | |
NTP ntp | =4.2.7-p19 | |
NTP ntp | =4.2.7-p2 | |
NTP ntp | =4.2.7-p20 | |
NTP ntp | =4.2.7-p21 | |
NTP ntp | =4.2.7-p22 | |
NTP ntp | =4.2.7-p23 | |
NTP ntp | =4.2.7-p24 | |
NTP ntp | =4.2.7-p25 | |
NTP ntp | =4.2.7-p3 | |
NTP ntp | =4.2.7-p4 | |
NTP ntp | =4.2.7-p5 | |
NTP ntp | =4.2.7-p6 | |
NTP ntp | =4.2.7-p7 | |
NTP ntp | =4.2.7-p8 | |
NTP ntp | =4.2.7-p9 | |
Oracle Linux | =6 | |
Oracle Linux | =7 | |
NTP ntp | =4.2.7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.