[ntp:questions] CVE-2013-5211 and xntpd
stenn at ntp.org
Thu Feb 6 20:49:16 UTC 2014
Brian Utterback writes:
> I did test it and saw indications that it would be vulnerable. I don't
> have exploit code so I didn't actually get an exploit going, but I saw
> enough to convince me.
If xntpd responds to the mode 7 monlist command it's vulnerable, and the
easy fix is to add a 'restrict default noquery' line to the config file.
> The problem is that the CVE doesn't say that all versions of ntp before
> 4.2.7 are vulnerable, it says that all versions of *ntpd* before 4.2.7
> are vulnerable.
I agree, the wording in the CVE should be fixed.
More information about the questions