Public bug reported: The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211 http://bugs.ntp.org/show_bug.cgi?id=1532 ** Affects: ntp (Ubuntu) Importance: Undecided Status: New ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-5211 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1268543 Title: CVE-2013-5211 ntp DDos To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1268543/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
