[ntp:security] About Security Issues related to ntp

Danny Mayer mayer at ntp.org
Fri Jan 24 15:10:58 UTC 2014


On 1/24/2014 12:38 AM, 知覧 有紀 wrote:
> the team of ntp
> 
> Hi, this is yuki.
> I checked the security Issues of ntp.
> 
> http://support.ntp.org/bin/view/Main/SecurityNotice#DRDoS_Amplification_Attack_using
> 
> ------------------------------
> DRDoS / Amplification Attack using ntpdc monlist command
> 
>     References: CVE-2013-5211 / VU#348126
> ------------------------------
> 
> Dose it include xntpd( ntpv3 )in the security issue?
> 

This refers to NTP v4. NTP v3 hasn't been supported for many years. I
suspect that NTP v3 would be just as vulnerable. Please upgrade to the
latest release.

Danny
> 
> Regards,
> Yuki
> _______________________________________________
> security mailing list
> security at lists.ntp.org
> http://lists.ntp.org/listinfo/security
> 
> 



More information about the security mailing list