[ntp:questions] CVE-2013-5211 and xntpd
brian.utterback at oracle.com
Thu Feb 6 18:51:33 UTC 2014
On 2/6/2014 10:31 AM, mike cook wrote:
> I think you are right. My reading of the CVE gives me to believe that xntpd is vulnerable. xntp is a full implementation of NTP V3 and the CVE indicates all versions of ntp earlier than 4.2.7 are vulnerable. It is very easy for you to test as xntpd is(or was) distributed with with Solaris.
I did test it and saw indications that it would be vulnerable. I don't
have exploit code so I didn't actually get an exploit going, but I saw
enough to convince me.
The problem is that the CVE doesn't say that all versions of ntp before
4.2.7 are vulnerable, it says that all versions of *ntpd* before 4.2.7
More information about the questions