CVE-2013-5211

Exp

The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.

Published: 2014-01-02 Last update: 2026-04-29 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2013-5211 is rated High Exploit Risk (69.4/100): CVSS Medium severity, with high exploitation likelihood (EPSS 97.55%, 100th percentile). 1 public exploit reference(s) are indexed (Exploit-DB). Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2013-5211

EDB-ID Source Kind Published Link
33073 exploit_db edb 2014-04-28 Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2013-5211

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-16 98.13% 97.55% -0.59%
2 2026-06-15 92.14% 98.13% +6.00%
3 2026-05-26 92.14%

Full EPSS history (57 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2013-5211

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
5.0 2.0 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:N)
No confidentiality impact.
Integrity impact (I:N)
No integrity impact.
Availability impact (A:P)
Partial availability impact.
 10.0 2.9 [email protected]

Weakness enumeration for CVE-2013-5211

OS Trackers for CVE-2013-5211

vendor priority summary link
debian low CVE-2013-5211 low priority: Debian including 1 source packages (ntp), 1 status rows across 1 suites (bullseye): resolved 1. https://security-tracker.debian.org/tracker/CVE-2013-5211
gentoo normal CVE-2013-5211: 1 GLSA(s) (201401-08), 1 atom(s) (net-misc/ntp); latest impact normal. https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2013-5211
redhat medium https://access.redhat.com/security/cve/CVE-2013-5211
ubuntu low CVE-2013-5211 low priority: Ubuntu including 1 source packages (ntp), 6 status rows across 6 suites (lucid, precise, quantal, raring, saucy, upstream): ignored 5, needs-triage 1. https://ubuntu.com/security/CVE-2013-5211

Affected software / configurations for CVE-2013-5211

Vendor Product Version Raw CPE
opensuse opensuse 11.4 cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
ntp ntp < 4.2.7 cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:-:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p0:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p1:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p10:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p11:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p12:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p13:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p14:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p15:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p16:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p17:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p18:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p19:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p2:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p20:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p21:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p22:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p23:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p24:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p25:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p3:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p4:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p5:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p6:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p7:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p8:*:*:*:*:*:*
ntp ntp 4.2.7 cpe:2.3:a:ntp:ntp:4.2.7:p9:*:*:*:*:*:*
oracle linux 6 cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
oracle linux 7 cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*

References for CVE-2013-5211

URL Tags
http://aix.software.ibm.com/aix/efixes/security/ntp_advisory.asc Third Party Advisory
http://bugs.ntp.org/show_bug.cgi?id=1532 Issue Tracking
http://ics-cert.us-cert.gov/advisories/ICSA-14-051-04 Third Party Advisory US Government Resource
http://lists.ntp.org/pipermail/pool/2011-December/005616.html Broken Link
http://lists.opensuse.org/opensuse-updates/2014-09/msg00031.html Third Party Advisory
http://marc.info/?l=bugtraq&m=138971294629419&w=2 Mailing List
http://marc.info/?l=bugtraq&m=144182594518755&w=2 Mailing List Third Party Advisory
http://openwall.com/lists/oss-security/2013/12/30/6 Mailing List
http://openwall.com/lists/oss-security/2013/12/30/7 Mailing List
http://secunia.com/advisories/59288 Not Applicable
http://secunia.com/advisories/59726 Not Applicable
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095861 Broken Link
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095892 Broken Link
http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-dev/ntp-dev-4.2.7p26.tar.gz Patch
http://www.kb.cert.org/vuls/id/348126 Third Party Advisory US Government Resource
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html Third Party Advisory
http://www.securityfocus.com/bid/64692 Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030433 Third Party Advisory VDB Entry
http://www.us-cert.gov/ncas/alerts/TA14-013A Third Party Advisory US Government Resource
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232 Third Party Advisory
https://puppet.com/security/cve/puppetlabs-ntp-nov-2015-advisory Broken Link
cvelogic Threat Intelligence