IBM Support

IV56324: A POTENTIAL SECURITY ISSUE EXISTS CVE-2013-5211 APPLIES TO AIX 7100-03

A fix is available

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-52
    11
    
    The monlist feature in ntp_request.c in ntpd in NTP
    before
    4.2.7p26 allows remote attackers to cause a denial of
    service (traffic amplification) via forged
    (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests,
    as exploited in the wild in December 2013
    

Local fix

Problem summary

  • Remote attackers cause DoS attack on servers. This amplifies
    the volume of traffic directed at the server.
    

Problem conclusion

  • Remove NTP daemon's support for monlist feature.
    

Temporary fix

Comments

  • 6100-07 - use AIX APAR IV58413
    6100-08 - use AIX APAR IV58068
    6100-09 - use AIX APAR IV56213
    6100-09 - use AIX APAR IV56213
    6100-09 - use AIX APAR IV56213
    7100-01 - use AIX APAR IV56575
    7100-02 - use AIX APAR IV55365
    7100-03 - use AIX APAR IV56324
    7100-04 - use AIX APAR IV56340
    

APAR Information

  • APAR number

    IV56324

  • Reported component name

    AIX V7.1

  • Reported component ID

    5765H4000

  • Reported release

    710

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Submitted date

    2014-03-06

  • Closed date

    2014-03-06

  • Last modified date

    2016-05-10

  • APAR is sysrouted FROM one or more of the following:

    IV55365

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    AIX V7.1

  • Fixed component ID

    5765H4000

Applicable component levels

  • R710 PSY U859722

       UP14/05/22 I 1000

PTF to Fileset Mapping



Document information

More support for: AIX Enterprise Edition

Software version: 710

Operating system(s): AIX

Reference #: IV56324

Modified date: 10 May 2016