[ntp:security] [Bug 1331] DoS with mode 7 packets (CVE-2009-3563)

Danny Mayer via the NTP Bugzilla bugzilla at ntp.org
Wed Oct 28 02:55:39 UTC 2009


http://bugs.ntp.org/1331



----------------------------------------------------------------------------
Additional Comments From mayer at ntp.org (Danny Mayer)
Submitted on 2009-10-28 02:55

Comment #14 raises an interesting point, that I haven't had a chance to check,
having overlooked it when I first read it. If a mode 6 or mode 7 packet arrives
from a multicast or broadcast address it should always be dropped even if the
packet is valid. In fact the only packets arriving on those addresses should be
the broadcast (mode 5) packets. I haven't looked to see if they are being
dropped. I'll open a separate bug report on this but I don't think it would
classify as a security issue.

Danny

-- 
Danny Mayer <mayer at ntp.org>



------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.


More information about the security mailing list