I recently received a question from a customer about CVE-201305211, the
monlist amplification attack. Specifically they asked if the attack
affected xntpd. They had another vendor that said no, that the attack
only affects ntpd. This surprised me since as far as I know the monlist
mechanism is the same in xntpd. I thought the vendor was merely
incorrect. However, I then read the CERT and NIST versions of the CVE
and there is no mention of xntpd. Indeed, a literal reading of the CVE
does indeed imply that xntpd is not vulnerable.
I don't think I am wrong about xntpd being vulnerable. If I am, please
correct me. But if I am not, we should probably see about getting the
CVE amended.
--
blu
Always code as if the guy who ends up maintaining your code will be a
violent psychopath who knows where you live. - Martin Golding
-----------------------------------------------------------------------|
Brian Utterback - Solaris RPE, Oracle Corporation.
Ph:603-262-3916, Em:[email protected]
_______________________________________________
questions mailing list
[email protected]
http://lists.ntp.org/listinfo/questions
