[ntp:security] [Bug 3119] Trap crash

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Thu Nov 17 16:30:40 UTC 2016


--- Comment #8 from Matthew Van Gundy <mvangund at cisco.com> 2016-11-17 16:30:40 UTC ---
(In reply to comment #7)
> Matt,
> I'm planning to go with:
>  4.2 - CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
> because traps are not set up by default.  Enabling traps requires root access
> (AC:H) and user interaction (UI:R) in order to create the necessary conditions
> for this bug.
> Bug 3118 is a separate issue here.
> I'm happy to discuss this if you disagree.

Hi Harlan,

I agree that enabling traps is AC:H... but once enabled, the preconditions are
satisfied and no further user interaction is required (UI:N).


Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

More information about the security mailing list