[ntp:security] [Bug 3076] [ntpd] send the overflow packet cause ntpd crash

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Thu Oct 13 08:40:30 UTC 2016


http://bugs.ntp.org/show_bug.cgi?id=3076

--- Comment #3 from Harlan Stenn <stenn at ntp.org> 2016-10-13 08:40:30 UTC ---
Renwang,

(In reply to comment #2)
> (In reply to comment #1)
> Somehow I'm not able to reproduce the attack... It would be best if someone
> could create a binary (or base64 encoded) file that contains the raw UDP (!!)
> data to be sent via 'nc' (netcat) as it's done for bugs 3075,3082,3083.
> 
> Trying to extract the UDP level data with wireshark from the packet capture did
> not have the desired effect -- that is, nothing happened when I threw them to
> ntpd with nc. Probably my fault, but for validation of the bug something easier
> to reproduce would be highly appreciated!

Ping?

-- 
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the security mailing list