From owner-freebsd-stable Sat Apr 7 18:30:25 2001 Delivered-To: freebsd-stable@freebsd.org Received: from warez.scriptkiddie.org (uswest-dsl-142-38.cortland.com [209.162.142.38]) by hub.freebsd.org (Postfix) with ESMTP id 3EC7737B423 for ; Sat, 7 Apr 2001 18:30:22 -0700 (PDT) (envelope-from lamont@scriptkiddie.org) Received: from coredump.scriptkiddie.rog (coredump.scriptkiddie.org [192.168.69.2]) by warez.scriptkiddie.org (Postfix) with ESMTP id 37D4462D01; Sat, 7 Apr 2001 18:30:41 -0700 (PDT) Date: Sat, 7 Apr 2001 18:30:21 -0700 (PDT) From: To: Kal Torak Cc: FreeBSD-stable Subject: Re: ntpd root exploit - advisory? In-Reply-To: <3ACEBDB0.DD6555C8@quake.com.au> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 7 Apr 2001, Kal Torak wrote: > Just wondering why there has been no security advisory on the > announce list about the ntpd root exploit and buffer overflow > allowing for syslog DoS attack... actually, its much worse than a syslog DoS attack. you can easily trash the machine using this exploit. its just difficult to remotely get a shell out of it (difficult does not == impossible, difficult merely means that nobody has made public a way to do it, and i haven't been able to figure one out...). not only that but the attack can be spoofed and is pretty much untraceable and can't be filtered (at least not perfectly). > I noticed that a few fixes have been committed to stable for > ntpd, but no advisory... Whats going on? Is it still not totally > fixed yet? its fixed in the latest 4.2-stable, i'd not waste any time upgrading. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message