From owner-freebsd-security Thu Apr 19 17:10: 8 2001 Delivered-To: freebsd-security@freebsd.org Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44]) by hub.freebsd.org (Postfix) with ESMTP id 98E5037B43C for ; Thu, 19 Apr 2001 17:10:04 -0700 (PDT) (envelope-from Cy.Schubert@uumail.gov.bc.ca) Received: (from daemon@localhost) by point.osg.gov.bc.ca (8.8.7/8.8.8) id RAA13953; Thu, 19 Apr 2001 17:09:55 -0700 Received: from passer.osg.gov.bc.ca(142.32.110.29) via SMTP by point.osg.gov.bc.ca, id smtpda13951; Thu Apr 19 17:09:35 2001 Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.11.2/8.9.1) id f3K09UY27880; Thu, 19 Apr 2001 17:09:30 -0700 (PDT) Received: from cwsys9.cwsent.com(10.2.2.1), claiming to be "cwsys.cwsent.com" via SMTP by passer9.cwsent.com, id smtpdO27875; Thu Apr 19 17:08:54 2001 Received: (from uucp@localhost) by cwsys.cwsent.com (8.11.3/8.9.1) id f3K08sA07253; Thu, 19 Apr 2001 17:08:54 -0700 (PDT) Message-Id: <200104200008.f3K08sA07253@cwsys.cwsent.com> Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys" via SMTP by localhost.cwsent.com, id smtpdYv7249; Thu Apr 19 17:08:50 2001 X-Mailer: exmh version 2.3.1 01/18/2001 with nmh-1.0.4 Reply-To: Cy Schubert - ITSD Open Systems Group From: Cy Schubert - ITSD Open Systems Group X-Sender: schubert To: Chris Faulhaber Cc: "Philip J. Koenig" , FreeBSD Security List Subject: Re: ntpd version not updated? In-reply-to: Your message of "Thu, 19 Apr 2001 19:58:13 EDT." <20010419195813.A79537@peitho.fxp.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 19 Apr 2001 17:08:50 -0700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <20010419195813.A79537@peitho.fxp.org>, Chris Faulhaber writes: > > --jRHKVT23PllUwdXP > Content-Type: text/plain; charset=us-ascii > Content-Disposition: inline > Content-Transfer-Encoding: quoted-printable > > On Thu, Apr 19, 2001 at 04:32:08PM -0700, Philip J. Koenig wrote: > > Re: the recent security advisory on ntpd. It says in part that versions = > of ntpd=20 > > prior to "ntp-4.0.99k_2" are vulnerable, and that 4.2 STABLE as of 4/6 wa= > s=20 > > corrected. > >=20 > > I just CVSup'd 4.2-STABLE (RELENG_4) as of 4/15, did make world etc., and= > =20 > > based on the "version" command in ntpq and ntpdc, and the syslog message,= > =20 > > I'm still running version 4.0.99b. Here's the syslog message: > >=20 > > Apr 19 16:14:56 server ntpd[168]: ntpd 4.0.99b Sun Apr 15 09:10:45 PDT 20= > 01 (1) > >=20 > >=20 > > Is there something I'm missing here? > >=20 > > If you are using ntpd in the base system and you updated your system > after 4/6, you are not vulnerable. > > If you are using ntpd from the ports system, ensure that it's > version is ntp-4.0.99k_2 or greater. The following command should > display the version of the port you have installed: > # pkg_version | grep ntp ntp-4.0.99k23 is the most recent version of ntp. It includes the fix for the recently discovered exploit. -- Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message