Harlan Stenn schrieb:
Brian Utterback writes:
I did test it and saw indications that it would be vulnerable. I don't
have exploit code so I didn't actually get an exploit going, but I saw
enough to convince me.
If xntpd responds to the mode 7 monlist command it's vulnerable, and the
easy fix is to add a 'restrict default noquery' line to the config file.
I agree xntpd is probably also vulnerable, but did it already support
the "restrict" keywords necessary to fix this?
Martin
--
Martin Burnicki
Meinberg Funkuhren
Bad Pyrmont
Germany
_______________________________________________
questions mailing list
[email protected]
http://lists.ntp.org/listinfo/questions
