[ntp:questions] CVE-2013-5211 and xntpd

Brian Utterback brian.utterback at oracle.com
Thu Feb 6 18:51:33 UTC 2014


On 2/6/2014 10:31 AM, mike cook wrote:
>     I think you are right. My reading of the CVE gives me to believe that xntpd is vulnerable. xntp is a full implementation of NTP V3 and the CVE indicates all versions of ntp earlier than 4.2.7 are vulnerable. It is very easy for you to test as xntpd is(or was) distributed with with Solaris.

I did test it and saw indications that it would be vulnerable. I don't 
have exploit code so I didn't actually get an exploit going, but I saw 
enough to convince me.

The problem is that the CVE doesn't say that all versions of ntp before 
4.2.7 are vulnerable, it says that all versions of *ntpd* before 4.2.7 
are vulnerable.

Brian Utterback


More information about the questions mailing list