Date:      Mon, 22 Dec 2014 11:25:22 +0100
From:      Steve Clement <steve@localhost.lu>
To:        Winfried Neessen <neessen@cleverbridge.com>
Cc:        freebsd-security@freebsd.org
Subject:   Re: ntpd vulnerabilities
Message-ID:  <F7FACD2F-3AFE-4717-B4B9-B54A6FC70458@localhost.lu>
In-Reply-To: <B6AF154A-FE22-4357-9031-91D661FD7E57@localhost.lu>
References:  <252350272.1812596.1419241828431.JavaMail.zimbra@cleverbridge.com> <B6AF154A-FE22-4357-9031-91D661FD7E57@localhost.lu>

Chances are good it is vulnerable:

https://svnweb.freebsd.org/base/release/10.0.0/contrib/ntp/ntpd/ntpd.c?view=log
https://svnweb.freebsd.org/base/release/10.1.0/contrib/ntp/ntpd/ntpd.c?view=log

Regarding the diff:

 diff -ru ntp-dev-4.2.7p486-RC ntp-4.2.8 |wc -l
    7723

Cherry picking the patches is easier.

ntpd source trees:

http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-dev/
http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/

Luckily that is still up… atm ntp.org is down.

Here is the cached version of the notice:
http://webcache.googleusercontent.com/search?q=cache:support.ntp.org/bin/view/Main/SecurityNotice

--
Steve Clement
https://www.twitter.com/SteveClement
mailto:steve@localhost.lu
.lu: +352 20 333 55 65

> On 22 Dec 2014, at 11:06, Steve Clement <steve@localhost.lu> wrote:
>
> If someone could share a diff between ntpd 4.2.7 and 4.2.8 would be a good start.

