[ntp:security] [Bug 3072] Attack on interface selection

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Wed Jul 27 05:30:44 UTC 2016


Juergen Perlinger <perlinger at ntp.org> changed:

           What    |Removed                     |Added
                 CC|                            |perlinger at ntp.org

--- Comment #2 from Juergen Perlinger <perlinger at ntp.org> 2016-07-27 05:30:44 UTC ---
I can imagine what was the reason to change the interface association with
incoming packets, but IMHO this is indeed dangerous and fragile.

I think think updating the association should not be done, at least not unless
the packet source can be authenticated.

Or am I missing something essential here?

Configure bugmail: https://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the security mailing list