Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying entries 1 - 10 of 55292 in total

NTP Mode 6 UNSETTRAP DRDoS Scanner Exploit

Disclosed: August 25, 2014

This module identifies NTP servers which permit mode 6 UNSETTRAP requests that can be used to conduct DRDoS attacks. In some configurations, NTP servers will respond to UNSETTRAP requests with multiple packets, allowing remote attackers to cause a distributed, reflected denial of service (aka, "DRDoS" or traffic ...

NTP Mode 7 PEER_LIST_SUM DoS Scanner Exploit

Disclosed: August 25, 2014

This module identifies NTP servers which permit "PEER_LIST_SUM" queries and return responses that are larger in size or greater in quantity than the request, allowing remote attackers to cause a distributed, reflected denial of service (aka, "DRDoS" or traffic amplification) via spoofed requests.

NTP Mode 6 REQ_NONCE DRDoS Scanner Exploit

Disclosed: August 25, 2014

This module identifies NTP servers which permit mode 6 REQ_NONCE requests that can be used to conduct DRDoS attacks. In some configurations, NTP servers will respond to REQ_NONCE requests with a response larger than the request, allowing remote attackers to cause a distributed, reflected denial of service (aka, "D...

NTP Mode 7 GET_RESTRICT DRDoS Scanner Exploit

Disclosed: August 25, 2014

This module identifies NTP servers which permit "reslist" queries and obtains the list of restrictions placed on various network interfaces, networks or hosts. The reslist feature allows remote attackers to cause a distributed, reflected denial of service (aka, "DRDoS" or traffic amplification) via spoofed request...

NTP Mode 7 PEER_LIST DoS Scanner Exploit

Disclosed: August 25, 2014

This module identifies NTP servers which permit "PEER_LIST" queries and return responses that are larger in size or greater in quantity than the request, allowing remote attackers to cause a distributed, reflected denial of service (aka, "DRDoS" or traffic amplification) via spoofed requests.

NTP: Traffic Amplification in listpeers feature of ntpd Vulnerability

  • Severity: 5
  • Published: August 24, 2014

An NTP private (mode 7) message for the XNTPD_OLD (2) and XNTPD (3) implementation with the PEER_LIST (0) request code will return the list of all hosts that a given NTP server is peering with. Depending on the number of peers, an NTP servers response can be very large and potentially spread over many packe...

NTP: Information disclosure in reslist feature of ntpd (CVE-2014-5209) Vulnerability

  • Severity: 5
  • Published: August 24, 2014

An NTP private (mode 7) message for the XNTPD_OLD (2) and XNTPD (3) implementation with the GET_RESTRICT (16) request code will return the list of hosts/networks that have particular restrictions applied to them. This is the equivalent of an ACL and should be considered sensitive because it can disclose the...

NTP: Traffic Amplification in CTL_OP_REQ_NONCE feature of ntpd Vulnerability

  • Severity: 5
  • Published: August 24, 2014

An NTP control (mode 6) message with the CTL_OP_REQ_NONCE (12) opcode will generate a single reply that is larger (44 bytes) than the request (12 bytes). This traffic amplification vulnerability can be used to conduct DRDoS attacks.

NTP: Traffic Amplification in peers feature of ntpd Vulnerability

  • Severity: 5
  • Published: August 24, 2014

An NTP private (mode 7) message for the XNTPD_OLD (2) and XNTPD (3) implementation with the PEER_LIST_SUM (1) request code will return the list of all hosts that a given NTP server is peering with along with clock metadata (stratum, clock delay, etc). Depending on the number of peers, an NTP servers respons...

NTP: Traffic Amplification in reslist feature of ntpd Vulnerability

  • Severity: 5
  • Published: August 24, 2014

An NTP private (mode 7) message for the XNTPD_OLD (2) and XNTPD (3) implementation with the GET_RESTRICT (16) request code will return the list of hosts/networks that have particular restrictions applied to them, splitting said response over several full-length packets if necessary, allowing a DRDoS attack ...