From: Remko Lodder
Date: Tue, 14 Jan 2014 21:15:11 +0000 (UTC)
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject: svn commit: r339721 - head/security/vuxml
List-Id: SVN commit messages for the ports tree for head

Author: remko (src,doc committer)
Date: Tue Jan 14 21:15:10 2014
New Revision: 339721
URL: http://svnweb.freebsd.org/changeset/ports/339721
QAT: https://qat.redports.org/buildarchive/r339721/

Log:
  Fix the latest entry, it has many issues, make validate told us exactly what was wrong.

  I redid the entry and just took out the ul/li structure and replaced it with regular paragraphs.

  It might be worth investigating to use the FreeBSD SA that got released because of this as the main text, which is best suited imo.

  Hat: secteam

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Tue Jan 14 21:14:46 2014 (r339720) +++ head/security/vuxml/vuln.xml Tue Jan 14 21:15:10 2014 (r339721) @@ -52,7 +52,7 @@ Note: Please add new entries to the beg --> - ntpd DRDoS / Amplification Attack using ntpdc monlist command + ntpd DRDoS / Amplification Attack using ntpdc monlist command ntp @@ -63,26 +63,23 @@ Note: Please add new entries to the beg

ntp.org reports:

-
    -
  • References: CVE-2013-5211 / VU#348126 -
  • Versions: All releases prior to 4.2.7p26 -
  • Date Resolved: 2010/04/24 -
  • Summary: Unrestricted access to the monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013 -
  • Mitigation: -
      -
    • Upgrade to 4.2.7p26 or later. -
    • Users of versions before 4.2.7p26 should either: -
        -
      • Use noquery to your default restrictions to block all status queries. -
      • Use disable monitor to disable the ntpdc -c monlist command while still allowing other status queries. -
      -
    -
+

Unrestricted access to the monlist feature in + ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote + attackers to cause a denial of service (traffic + amplification) via forged (1) REQ_MON_GETLIST or (2) + REQ_MON_GETLIST_1 requests, as exploited in the wild in + December 2013

+

Use noquery to your default restrictions to block all + status queries.

+

Use disable monitor to disable the ``ntpdc -c monlist'' + command while still allowing other status queries.

CVE-2013-5211 + SA-14:02.ntpd + http://support.ntp.org/bin/view/Main/SecurityNotice#DRDoS_Amplification_Attack_using 2014-01-01
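
Review bot: In the second hunk (@@ -63,26 +63,23), the rewritten description drops the "Upgrade to 4.2.7p26 or later." mitigation and the lead-in "Users of versions before 4.2.7p26 should either:". The two remaining paragraphs ("Use noquery to your default restrictions ..." and "Use disable monitor ...") therefore read as two steps that are both required, not as alternative workarounds for hosts that cannot upgrade. Suggest restoring the upgrade advice as its own paragraph and introducing the two workarounds explicitly as alternatives for versions before 4.2.7p26. The "Date Resolved: 2010/04/24" item from the removed list is also no longer present anywhere in the added lines; if it is meant to be dropped, say so in the log. Minor: the added summary paragraph ends at "December 2013" without a closing period.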