This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
The remote network time service could be used for network
reconnaissance or abused in a distributed denial of service attack.
The version of ntpd on the remote host has the 'monlist' command
enabled. This command returns a list of recent hosts that have
connected to the service. As such, it can be used for network
reconnaissance or, along with a spoofed source IP, a distributed
denial of service attack.
See also :
If using NTP from the Network Time Protocol Project, either upgrade to
NTP 4.2.7-p26 or later, or add 'disable monitor' to the 'ntp.conf'
configuration file and restart the service. Otherwise, contact the
Otherwise, limit access to the affected service to trusted hosts.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true