[ntp:security] [Bug 2947] Ntpq vulnerable to replay attacks

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Wed Mar 14 20:58:23 UTC 2018


http://bugs.ntp.org/show_bug.cgi?id=2947

contacto at agora-security.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |contacto at agora-security.com

--- Comment #3 from contacto at agora-security.com 2018-03-14 20:58:07 UTC ---
Hello,

In what version has this been patched?
NVD says "The ntpq protocol in NTP before 4.2.8p7"
Link: https://nvd.nist.gov/vuln/detail/CVE-2015-8140

Anyhow http://support.ntp.org/bin/view/Main/NtpBug2947
says "Affects: All ntp-4 releases up to, but not including 4.2.8p6, and 4.3.0
up to, but not including 4.3.XX"

Thanks!

-- 
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the security mailing list