BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

VMware ESXi NTP Denial of Service Vulnerability

Disclosed March 11, 2014    Zeroday : 224 days

Vulnerability Description:

ESXi/ESX/VCSA servers mishandle the “monlist” command, which can be leveraged to amplify the size of responses to monlist commands, thereby causing a denial of service condition to arise. This may cause the vulnerable ESXi/ESX/VCSA to become unresponsive.

Vendors:

VMware

Vulnerable Software/Devices:

ESXi/VCSA 5.1, 5.0
ESXi/ESX 4.1, 4.0

Vulnerability Severity:

Low

Exploit Availability:

Publicly Available

Exploit Impact:

Denial of Service
Exploitation of this vulnerability will cause the device to become unresponsive, causing a denial of service condition. Attackers can continue sending malicious payloads to keep triggering the denial of service condition.

BeyondTrust Prevention and Detection:

BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.

  • 33178 - VMware ESXi NTP Denial of Service Vulnerability (20140311) (Zero-Day)

Mitigation:

Filter local traffic for NTP "monlist" commands. Apply patch if available.

Links:

CVE(s):