// For flags

CVE-2013-5211

NTP ntpd monlist Query Reflection - Denial of Service

Severity Score

8.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

17
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.

La característica monlist en ntp_request.c en ntpd en NTP antes 4.2.7p26 permite a atacantes remotos provocar una denegación de servicio (amplificación de tráfico) a través de solicitudes (1) REQ_MON_GETLIST o (2) solicitudes REQ_MON_GETLIST_1, como han sido explotados en diciembre de 2013.

Potential security vulnerabilities have been identified with the TCP/IP Services for OpenVMS running NTP. These vulnerabilities could be exploited remotely to allow unauthenticated attackers to execute code with the privileges of ntpd or cause a Denial of Service (DoS). Revision 1 of this advisory.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-08-15 CVE Reserved
  • 2014-01-02 CVE Published
  • 2014-04-28 First Exploit
  • 2024-08-06 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-20: Improper Input Validation
CAPEC
References (40)
URL Tag Source
http://aix.software.ibm.com/aix/efixes/security/ntp_advisory.asc Third Party Advisory
http://bugs.ntp.org/show_bug.cgi?id=1532 Issue Tracking
http://ics-cert.us-cert.gov/advisories/ICSA-14-051-04 Third Party Advisory
http://lists.ntp.org/pipermail/pool/2011-December/005616.html Broken Link
http://openwall.com/lists/oss-security/2013/12/30/6 Mailing List
http://openwall.com/lists/oss-security/2013/12/30/7 Mailing List
http://secunia.com/advisories/59288 Not Applicable
http://secunia.com/advisories/59726 Not Applicable
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095861 Broken Link
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095892 Broken Link
http://www.kb.cert.org/vuls/id/348126 Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html Third Party Advisory
http://www.securityfocus.com/bid/64692 Broken Link
http://www.securitytracker.com/id/1030433 Third Party Advisory
http://www.us-cert.gov/ncas/alerts/TA14-013A Third Party Advisory
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232 Third Party Advisory
https://puppet.com/security/cve/puppetlabs-ntp-nov-2015-advisory Broken Link
https://github.com/rapid7/metasploit-framework/pull/3696
https://www.rapid7.com/blog/post/2014/08/25/r7-2014-12-more-amplification-vulnerabilities-in-ntp-allow-even-more-drdos-attacks
URL Date SRC
https://packetstorm.news/files/id/180965 2024-08-31
https://packetstorm.news/files/id/180967 2024-08-31
https://packetstorm.news/files/id/180964 2024-08-31
https://packetstorm.news/files/id/181210 2024-09-01
https://packetstorm.news/files/id/180934 2024-08-31
https://packetstorm.news/files/id/180966 2024-08-31
https://packetstorm.news/files/id/180963 2024-08-31
https://packetstorm.news/files/id/180968 2024-09-01
https://packetstorm.news/files/id/180969 2024-09-01
https://packetstorm.news/files/id/126371 2014-04-28
https://packetstorm.news/files/id/127492 2014-07-16
https://packetstorm.news/files/id/126472 2014-05-05
https://www.exploit-db.com/exploits/33073 2014-04-28
https://github.com/0xhav0c/CVE-2013-5211 2023-05-03
https://github.com/dani87/ntpscanner 2024-11-06
https://github.com/suedadam/ntpscanner 2024-08-12
https://github.com/sepehrdaddev/ntpdos 2024-08-12
URL Date SRC
http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-dev/ntp-dev-4.2.7p26.tar.gz 2023-11-01
URL Date SRC
http://lists.opensuse.org/opensuse-updates/2014-09/msg00031.html 2023-11-01
http://marc.info/?l=bugtraq&m=138971294629419&w=2 2023-11-01
http://marc.info/?l=bugtraq&m=144182594518755&w=2 2023-11-01
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Opensuse
Search vendor "Opensuse"
 Opensuse
Search vendor "Opensuse" for product "Opensuse"
 11.4
Search vendor "Opensuse" for product "Opensuse" and version "11.4"
-
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 < 4.2.7
Search vendor "Ntp" for product "Ntp" and version " < 4.2.7"
-
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
-
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p0
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p1
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p10
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p11
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p12
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p13
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p14
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p15
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p16
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p17
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p18
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p19
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p2
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p20
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p21
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p22
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p23
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p24
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p25
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p3
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p4
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p5
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p6
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p7
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p8
Affected
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 4.2.7
Search vendor "Ntp" for product "Ntp" and version "4.2.7"
p9
Affected
Oracle
Search vendor "Oracle"
 Linux
Search vendor "Oracle" for product "Linux"
 6
Search vendor "Oracle" for product "Linux" and version "6"
-
Affected
Oracle
Search vendor "Oracle"
 Linux
Search vendor "Oracle" for product "Linux"
 7
Search vendor "Oracle" for product "Linux" and version "7"
-
Affected