[ntp:security] [Bug 2901] Clients that receive a KoD should validate the origin timestamp field.

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Fri Jan 22 08:02:59 UTC 2016


--- Comment #14 from Miroslav Lichvar <mlichvar at redhat.com> 2016-01-22 08:02:59 UTC ---
In the current stable code on line 1416 in ntp_proto.c is checked the transmit
timestamp. When it's zero the code that checks the origin timestamp starting at
line 1462 is not executed. A packet that has zero transmit timestamp avoids
validation of the origin timestamp.

Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the security mailing list