cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1062
Views
5
Helpful
1
Replies
Highlighted

NTP 'ntpd' Autokey Stack Buffer Overflow Vulnerability

An Vulnerability scan exposed the following on Cisco IM & P ver 9.1.1 

NTP 'ntpd' Autokey Stack Buffer Overflow Vulnerability

NTP: DoS in monlist feature of ntpd (CVE-2013-5211) (ntp-monlist-dos-cve-2013-5211)

NTP: Traffic Amplification in listpeers feature of ntpd (ntp-r7-2014-12-listpeers-drdos)

NTP: Traffic Amplification in peers feature of ntpd (ntp-r7-2014-12-peers-drdos)

NTP: Traffic Amplification in CTL_OP_REQ_NONCE feature of ntpd (ntp-r7-2014-12-reqnonce-drdos)

NTP: Information disclosure in reslist feature of ntpd (CVE-2014-5209) (ntp-r7-2014-12-reslist-disclosure)

NTP: Traffic Amplification in reslist feature of ntpd (ntp-r7-2014-12-reslist-drdos)

NTP: Traffic amplification in clrtrap feature of ntpd (ntp-r7-2014-12-unsettrap-drdos)

Any workarounds or fixes for this?

Voice CCIE #37771
1 REPLY 1
Enthusiast

That particular NTP DoS

That particular NTP DoS vulnerability CVE-2013-5211 (amplification attack) is addressed with the ciscocm.ntp_option-v1.11.cop.sgn which can be found in the COP-Files section of https://software.cisco.com/download/release.html?mdfid=284510097&flowid=77894&softwareid=282204704&release=ELM&relind=AVAILABLE&rellifecycle=&reltype=latest

Additionally, the readme to this COP file can be viewed at: http://www.cisco.com/web/software/282204704/18582/ntp_option_readme-Rev2.pdf

Thanks,

Ryan

(.. Please rate helpful posts ..)

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards