DoS in NTP server
If NTP is enabled an attacker can exploit the control messages to use it as part of a DoS attack against a remote victim or as the target of an attack against the device itself.
New builds of Junos OS software are available from Juniper.
When an NTP client or server is enabled within the [edit system ntp] hierarchy level of the Junos configuration, REQ_MON_GETLIST and REQ_MON_GETLIST_1 control messages supported by the monlist feature within NTP may allow remote attackers to cause a denial of service. NTP is not enabled in Junos by default.
Junos OS 11.4, 12.1, 12.2, 12.3, 13.1, 13.2, 13.3
Check the OS build.
Updated on 2015-03-25