[ntp:security] [Bug 2781] authentication doesn't protect symmetric associations against DoS attacks

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Tue May 19 15:41:16 UTC 2015


http://bugs.ntp.org/show_bug.cgi?id=2781

Danny Mayer <mayer at ntp.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mayer at ntp.org

--- Comment #8 from Danny Mayer <mayer at ntp.org> 2015-05-19 15:41:16 UTC ---
(In reply to comment #7)
> It was mentioned that this issue can impact NTPv3 also. However attached patch
> does not seem to be relevant xntp 3.5 because corresponding code is not there,
> which is peer->xmt = p_xmt;
> 
> Can you please let me know if a patch/fix is available for xntp 3.5
> 
> Thanks.

NTP 3.5 has not been supported for many years. You should upgrade to the latest
version of NTP which is currently 4.2.8p2. Is there a reason to fix 3.5 instead
of upgrading to the latest version which can at least be supported?

Danny

-- 
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the security mailing list