[ntp:security] [Bug 1331] DoS with mode 7 packets (CVE-2009-3563)

Dave Hart via the NTP Bugzilla bugzilla at ntp.org
Sat Dec 5 02:31:24 UTC 2009


http://bugs.ntp.org/1331



----------------------------------------------------------------------------
Additional Comments From hart at ntp.org (Dave Hart)
Submitted on 2009-12-05 02:31

There are two restrict bits that if found will prevent reaching the buggy code.  
RES_IGNORE, and RES_NOQUERY.  So "restrict default noquery" and including noquery 
on all restrict lines except those where ntpq and ntpdc queries must be permitted 
is a workaround.

-- 
Dave Hart <hart at ntp.org>



------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.


More information about the security mailing list