Junos NTP Server Amplification Denial of Service Vulnerability

Summary
DoS in NTP server
Impact
If NTP is enabled an attacker can exploit the control messages to use it as part of a DoS attack against a remote victim or as the target of an attack against the device itself.
Solution
New builds of Junos OS software are available from Juniper.
Insight
When an NTP client or server is enabled within the [edit system ntp] hierarchy level of the Junos configuration, REQ_MON_GETLIST and REQ_MON_GETLIST_1 control messages supported by the monlist feature within NTP may allow remote attackers to cause a denial of service. NTP is not enabled in Junos by default.
Affected
Junos OS 11.4, 12.1, 12.2, 12.3, 13.1, 13.2, 13.3
Detection
Check the OS build.
References

Updated on 2015-03-25