Denial of Service : NTP Monlist Feature Enabled

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.103868

Kategorie: Denial of Service

Titel: NTP Monlist Feature Enabled

Zusammenfassung: NTP.org's ntpd is prone to a remote denial-of-service vulnerability because it; fails to properly handle certain incoming network packets.

Beschreibung: Summary:
NTP.org's ntpd is prone to a remote denial-of-service vulnerability because it
fails to properly handle certain incoming network packets.

Vulnerability Insight:
The monlist feature in ntp_request.c in ntpd in NTP before
4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via
forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.

Vulnerability Impact:
Successfully exploiting this issue may allow an attacker to cause a denial
of service.

Affected Software/OS:
NTP.org's ntpd versions before 4.2.7p26. Other implementations might be affected as well.

Solution:
Update to NTP.org's ntpd 4.2.7p26 or newer or set 'disable monitor' in ntp.conf.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2013-5211
BugTraq ID: 64692
http://www.securityfocus.com/bid/64692
Cert/CC Advisory: TA14-013A
http://www.us-cert.gov/ncas/alerts/TA14-013A
CERT/CC vulnerability note: VU#348126
http://www.kb.cert.org/vuls/id/348126
HPdes Security Advisory: HPSBOV03505
http://marc.info/?l=bugtraq&m=144182594518755&w=2
HPdes Security Advisory: HPSBUX02960
http://marc.info/?l=bugtraq&m=138971294629419&w=2
HPdes Security Advisory: SSRT101419
http://ics-cert.us-cert.gov/advisories/ICSA-14-051-04
http://openwall.com/lists/oss-security/2013/12/30/6
http://openwall.com/lists/oss-security/2013/12/30/7
http://lists.ntp.org/pipermail/pool/2011-December/005616.html
http://www.securitytracker.com/id/1030433
http://secunia.com/advisories/59288
http://secunia.com/advisories/59726
SuSE Security Announcement: openSUSE-SU-2014:1149 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-09/msg00031.html

Copyright Copyright (C) 2014 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.103868
Kategorie:	Denial of Service
Titel:	NTP Monlist Feature Enabled
Zusammenfassung:	NTP.org's ntpd is prone to a remote denial-of-service vulnerability because it; fails to properly handle certain incoming network packets.
Beschreibung:	Summary: NTP.org's ntpd is prone to a remote denial-of-service vulnerability because it fails to properly handle certain incoming network packets. Vulnerability Insight: The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013. Vulnerability Impact: Successfully exploiting this issue may allow an attacker to cause a denial of service. Affected Software/OS: NTP.org's ntpd versions before 4.2.7p26. Other implementations might be affected as well. Solution: Update to NTP.org's ntpd 4.2.7p26 or newer or set 'disable monitor' in ntp.conf. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-5211 BugTraq ID: 64692 http://www.securityfocus.com/bid/64692 Cert/CC Advisory: TA14-013A http://www.us-cert.gov/ncas/alerts/TA14-013A CERT/CC vulnerability note: VU#348126 http://www.kb.cert.org/vuls/id/348126 HPdes Security Advisory: HPSBOV03505 http://marc.info/?l=bugtraq&m=144182594518755&w=2 HPdes Security Advisory: HPSBUX02960 http://marc.info/?l=bugtraq&m=138971294629419&w=2 HPdes Security Advisory: SSRT101419 http://ics-cert.us-cert.gov/advisories/ICSA-14-051-04 http://openwall.com/lists/oss-security/2013/12/30/6 http://openwall.com/lists/oss-security/2013/12/30/7 http://lists.ntp.org/pipermail/pool/2011-December/005616.html http://www.securitytracker.com/id/1030433 http://secunia.com/advisories/59288 http://secunia.com/advisories/59726 SuSE Security Announcement: openSUSE-SU-2014:1149 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-09/msg00031.html
Copyright	Copyright (C) 2014 Greenbone AG