[ntp:hackers] re: [Fwd: [Full-disclosure] ntpd stack evasion 0day exploit]

Steve Kostecke kostecke at ntp.isc.org
Wed Jan 11 15:07:31 UTC 2006

Paul Vixie said:

>is this a real problem, in current ntpd?

According to the exploit code posted in another message this is
for version 4.0.99. The current stable version of ntpd is 4.2.0.

>if so, can someone notify CERT and get a fix prepared as well as a CERT
>advisory describing the hole+fix?

The fix is already documented at


>is this a fake problem, in which case, can someone answer it on FD?
>is this an old problem, in which case, can someone put an explaination
>on the WIKI (or whatever) and tell CERT the URL?

I'll post something at http://ntp.isc.org as soon as I put out some
other fires here.

Steve Kostecke <kostecke at ntp.isc.org>
NTP Public Services Project http://ntp.isc.org/
Public Key at http://ntp.isc.org/Users/SteveKostecke

More information about the hackers mailing list