[ntp:security] [Bug 3119] Trap crash
bugzilla-daemon at ntp.org
bugzilla-daemon at ntp.org
Thu Nov 17 16:30:40 UTC 2016
http://bugs.ntp.org/show_bug.cgi?id=3119
--- Comment #8 from Matthew Van Gundy <mvangund at cisco.com> 2016-11-17 16:30:40 UTC ---
(In reply to comment #7)
> Matt,
>
> I'm planning to go with:
>
> 4.2 - CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
>
> because traps are not set up by default. Enabling traps requires root access
> (AC:H) and user interaction (UI:R) in order to create the necessary conditions
> for this bug.
>
> Bug 3118 is a separate issue here.
>
> I'm happy to discuss this if you disagree.
Hi Harlan,
I agree that enabling traps is AC:H... but once enabled, the preconditions are
satisfied and no further user interaction is required (UI:N).
Thanks,
Matt
--
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
More information about the security
mailing list