tech-security archive


Re: ntpd advisory not yet fixed?



Well, I think it's always a good idea to have:

restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 ::1
restrict 127.127.1.0

in ntp.conf, if the server is intended to serve the public Internet.

The issue cannot be easily fixed without losing functionality, by the
way.  We (FreeBSD) plan to issue an advisory that disables the 'monitor'
feature by default on January 14.

On Fri, Jan 3, 2014 at 2:50 PM, John Klos <john%ziaspace.com@localhost> wrote:
> It looks like ntpd versions in netbsd-5 and netbsd-6 can be used for
> reflection attacks:
>
> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5211&cid=1
>
> Is anyone working on this?
>
> John



-- 
Xin LI <delphij%delphij.net@localhost> https://www.delphij.net/
FreeBSD - The Power to Serve! Live free or die
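
Added example (not part of the original mail, and not ntpd or FreeBSD code): a small Python audit that reads an ntp.conf body and reports which of the flags recommended above are missing from the IPv4 and IPv6 default restrict entries, and whether 'disable monitor' is set. The function name and both sample configs are constructed for illustration; treating an unqualified 'restrict default' as IPv4-only is a conservative assumption that matches the two-line form in the mail.

```python
REQUIRED = {"kod", "nomodify", "notrap", "nopeer", "noquery"}  # flags from the mail

def audit_ntp_conf(text):
    """Return missing default-restrict flags per family, plus monitor state."""
    seen = {"ipv4": None, "ipv6": None}
    monitor_disabled = False
    for raw in text.splitlines():
        tok = raw.split("#", 1)[0].split()      # drop comments, tokenize
        if len(tok) < 2:
            continue
        if tok[0] == "disable" and "monitor" in tok[1:]:
            monitor_disabled = True
        if tok[0] != "restrict":
            continue
        args, family = tok[1:], None
        if args[0] in ("-4", "-6"):
            family = "ipv6" if args[0] == "-6" else "ipv4"
            args = args[1:]
        if not args:
            continue
        addr, flags, mask = args[0], args[1:], None
        if len(flags) >= 2 and flags[0] == "mask":
            mask, flags = flags[1], flags[2:]
        if family is None:
            # Assumption: an unqualified entry is IPv4 unless the address has ':'
            family = "ipv6" if ":" in addr else "ipv4"
        is_default = addr == "default" or (addr, mask) in (
            ("0.0.0.0", "0.0.0.0"), ("::", "::"))
        if is_default:
            seen[family] = set(flags)
    result = {"monitor_disabled": monitor_disabled}
    for family, flags in seen.items():
        if flags is None:            # no default entry: nothing is restricted
            result[family] = sorted(REQUIRED)
        elif "ignore" in flags:      # 'ignore' drops all packets, queries included
            result[family] = []
        else:
            result[family] = sorted(REQUIRED - flags)
    return result

# Constructed inputs: the config from the mail, and a weaker variant.
MAIL_CONF = """restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 ::1
restrict 127.127.1.0
"""
WEAK_CONF = "restrict default nomodify notrap  # no noquery\ndisable monitor\n"

if __name__ == "__main__":
    for name, conf in (("mail", MAIL_CONF), ("weak", WEAK_CONF)):
        print(name, audit_ntp_conf(conf))
```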

