Detections
Analytics
Network Time Protocol (NTP) Mode 6 Scanner
medium Nessus Plugin ID 97861
Language:
Synopsis
The remote NTP server responds to mode 6 queries.Description
The remote NTP server responds to mode 6 queries. Devices that respond to these queries have the potential to be used in NTP amplification attacks. An unauthenticated, remote attacker could potentially exploit this, via a specially crafted mode 6 query, to cause a reflected denial of service condition.Solution
Restrict NTP mode 6 queries.See Also
https://www.nessus.org/u?18e62de1
https://www.virtuesecurity.com/kb/ntp-mode-6-vulnerabilities/
Plugin Details
Severity: Medium
ID: 97861
File Name: ntp_mode6_query.nasl
Version: 1.3
Type: remote
Family: Misc.
Published: 3/21/2017
Updated: 3/12/2025
Supported Sensors: Nessus
Risk Information
CVSS Score Rationale: Score based on an in-depth analysis by tenable.
CVSS v2
Risk Factor: Medium
Base Score: 5
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS Score Source: manual
CVSS v3
Risk Factor: Medium
Base Score: 5.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Vulnerability Information
Required KB Items: Services/udp/ntp