| VID |
23248 |
| Severity |
30 |
| Port |
123 |
| Protocol |
UDP |
| Class |
NTPD |
| Detailed Description |
The NTP daemon, according its version number, is vulnerable to multiple vulnerabilities. Network Time Protocol (NTP) daemon is responsible for providing accurate time reports used for synchronizing the clocks on installed systems. The remote NTP daemon has the 'monlist' command enabled. This command returns a list of recent hosts that have connected to the service. As such, it can be used for network reconnaissance or, along with a spoofed source IP, a distributed denial of service attack.
* Note: This check solely relied on the version number of the remote NTP daemon to assess this vulnerability, so this might be a false positive.
* References:
https://isc.sans.edu/diary/NTP+reflection+attack/17300
http://bugs.ntp.org/show_bug.cgi?id=1532
* Platforms Affected:
NTPD versions prior to 4.2.7p26
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of NTP (4.2.7p26 or later), available from the NTP Software Downloads Web page at http://ntp.isc.org/bin/view/Main/SoftwareDownloads |
| Related URL |
CVE-2013-5211 (CVE) |
| Related URL |
64692 (SecurityFocus) |
| Related URL |
(ISS) |
|
