[ntp:questions] CVE-2013-5211 and xntpd

Martin Burnicki martin.burnicki at meinberg.de
Fri Feb 7 08:14:10 UTC 2014

Harlan Stenn schrieb:
> Brian Utterback writes:
>> I did test it and saw indications that it would be vulnerable. I don't
>> have exploit code so I didn't actually get an exploit going, but I saw
>> enough to convince me.
> If xntpd responds to the mode 7 monlist command it's vulnerable, and the
> easy fix is to add a 'restrict default noquery' line to the config file.

I agree xntpd is probably also vulnerable, but did it already support 
the "restrict" keywords necessary to fix this?

Martin Burnicki

Meinberg Funkuhren
Bad Pyrmont

More information about the questions mailing list