[ntp:security] [Bug 2670] receive(): missing return on error

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Tue Nov 25 06:18:31 UTC 2014


--- Comment #2 from Harlan Stenn <stenn at ntp.org> 2014-11-25 06:18:31 UTC ---

I see that if we fail the test (because of AUTH_ERROR) we fall thru instead of
returning, and might mobilize a symmetric passive association.

I'm trying to understand the "danger" level here for a CVNSS score.  Got any

Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the security mailing list