Date: Wed, 27 Nov 2013 16:06:18 +0000 From: Tom Evans <tevans.uk@googlemail.com> To: Cristiano Deana <cristiano.deana@gmail.com> Cc: freebsd-current <freebsd-current@freebsd.org> Subject: Re: [request] ntp upgrade Message-ID: <CAFHbX1%2B4%2BydUf=4VTrkP5TyQHxDc31F8Uh48mVzyyfoDpsMLYA@mail.gmail.com> In-Reply-To: <CAO82ECHMS-JUWC4TGwZpfU0opKE-2rOgW8RLOiR23RzVKgFJ3w@mail.gmail.com> References: <CAO82ECHMS-JUWC4TGwZpfU0opKE-2rOgW8RLOiR23RzVKgFJ3w@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Nov 27, 2013 at 3:29 PM, Cristiano Deana <cristiano.deana@gmail.com> wrote: > Hi, > > is it possible to include in base system of the upcoming 10.0 the new > version of ntp (4.2.7 instead of 4.2.4)? > > There is a bug in older versions (< 4.2.7) who allows attacker use an ntp > server to DDoS. This has been corrected in new version: > https://cert.litnet.lt/en/docs/ntp-distributed-reflection-dos-attacks > > This attack seems to be increasing in the last few weeks. > > net/ntp-devel is Ok. > > Thank you, sorry for my basic english. > ntp 4.2.4p8 isn't vulnerable. http://www.cvedetails.com/vulnerability-list/vendor_id-2153/NTP.html The reflection attack is the first in the list, 4.2.4p7 and below are affected. Cheers Tom
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFHbX1%2B4%2BydUf=4VTrkP5TyQHxDc31F8Uh48mVzyyfoDpsMLYA>