CVE-2013-5211
Published Jan 2, 2014
Last updated a year ago
Overview
- Description
- The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-20
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CC55810-13AD-49D2-AFE5-A95F00824915",
"versionEndExcluding": "4.2.7"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8CAC15F6-514F-4BED-A2A5-E89F4349D8AE"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p0:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B481C553-B73E-4DA2-9D5E-3774FF846590"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2AFDFCA1-0D59-4973-ACFE-CB75BD934154"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p10:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A04F57D2-2D27-4FBF-8530-2AC3FB744E7C"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p11:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "518C32C8-0558-46A1-8532-90DBA1616221"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p12:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7E43BA6C-4FAE-4B96-90D3-E212BD21233D"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p13:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D4E0EEC-92AD-43B2-8539-921AAA0BAF8A"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p14:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5EC4F7DB-7769-4F81-B301-C973D0EB2E01"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p15:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3862A517-5302-4CC5-A553-E8ED8F408984"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p16:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5E23550B-55D9-4D2A-868C-1F2E5833FFD3"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p17:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "703DD909-3E63-46AF-BDBD-DB99035D17C8"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p18:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9307FD4B-AF64-476B-A238-1C8C9E8D7938"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p19:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19D2387E-78A0-42BD-B33E-5CE2858888DC"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF76B320-FE22-4528-9189-982909B67EA4"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p20:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4212F77B-AD87-47CE-972E-ADDF3E0A855C"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p21:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26DC7E1A-9F45-4F71-8EBE-8C4811757511"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p22:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93AEBFB8-C063-4862-ADA5-32C8AD6A215D"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p23:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD38DF5B-0FE3-46B0-9313-0BEDB2FB85BB"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p24:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19B1C33A-80DD-4942-81A3-5A91B77B902D"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p25:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE315238-7191-4A2E-A3C6-2162BE589C78"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5453B367-AF6E-49F1-A448-EEC9BD30F774"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0040B79-5D07-4BEA-8861-8D827FB31735"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D00C1A08-1AFF-4AED-9F32-6F7400E24427"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6478C98A-FC07-457D-996D-53B9361B52D3"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1D01BD4-27BF-49BD-9305-F26E0EC778AD"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p8:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4E82220-4E07-41B0-952A-9C0CC0973D60"
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.7:p9:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "38F02F01-569A-445D-A954-D9369E0B8850"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876"
},
{
"criteria": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "44B8FEDF-6CB0-46E9-9AD7-4445B001C158"
}
],
"operator": "OR"
}
]
}
]