[ntp:security] [Bug 1331] DoS with mode 7 packets (CVE-2009-3563)
Dave Hart via the NTP Bugzilla
bugzilla at ntp.org
Sat Dec 5 02:31:24 UTC 2009
http://bugs.ntp.org/1331
----------------------------------------------------------------------------
Additional Comments From hart at ntp.org (Dave Hart)
Submitted on 2009-12-05 02:31
There are two restrict bits that if found will prevent reaching the buggy code.
RES_IGNORE, and RES_NOQUERY. So "restrict default noquery" and including noquery
on all restrict lines except those where ntpq and ntpdc queries must be permitted
is a workaround.
--
Dave Hart <hart at ntp.org>
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the security
mailing list