[ntp:security] [Bug 2672] ::1 can be spoofed. ACLs based on source IP can be bypassed

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Wed Oct 28 17:27:28 UTC 2015


http://bugs.ntp.org/show_bug.cgi?id=2672

--- Comment #7 from Danny Mayer <mayer at ntp.org> 2015-10-28 17:27:28 UTC ---
This code was put into NTP because a number of Operating Systems were not
checking that a source address of ::1 can only come in on the loopback
interface. This code is a workaround for something that should have been in the
O/S kernal. You should be checking the kernel to make sure that the situation
cannot happen in FreeBSD rather than worrying about this fix.

Danny

-- 
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the security mailing list