Date: Thu, 9 Jan 2014 15:12:19 +0100 From: Palle Girgensohn <girgen@FreeBSD.org> To: Eugene Grosbein <eugen@grosbein.net> Cc: freebsd-security@freebsd.org Subject: Re: NTP security hole CVE-2013-5211? Message-ID: <81785015-5083-451C-AC0B-4333CE766618@FreeBSD.org> In-Reply-To: <52CEAD69.6090000@grosbein.net> References: <B0F3AA0A-2D23-424B-8A79-817CD2EBB277@FreeBSD.org> <52CEAD69.6090000@grosbein.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--Apple-Mail=_72276C91-126B-4117-B38D-102D6A7876C7 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=us-ascii 9 jan 2014 kl. 15:08 skrev Eugene Grosbein <eugen@grosbein.net>: > On 09.01.2014 19:38, Palle Girgensohn wrote: >> They recommend at least 4.2.7. Any thoughts about this? > > Other than updating ntpd, you can filter out requests to 'monlist' command > with 'restrict ... noquery' option that disables some queries for > the internal ntpd status, including 'monlist'. > > See http://support.ntp.org/bin/view/Support/AccessRestrictions for details. Yes. But shouldn't there be a security advisory for FreeBSD specifically? --Apple-Mail=_72276C91-126B-4117-B38D-102D6A7876C7 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJSzq5DAAoJEIhV+7FrxBJDRz4H/1zm3zUNJ1gqBoWPg+s/BcMs N2fxza4iqjsVL/1RMctTlotXkasnS5UR+yJi13L85tfMLK4W7n5n/7/PsybDDcJO Vs8F0OkUChZ4PhXzi/UHACIjhzzCq7YcuFcwdFYixvxrt7hD0/xTRzPKijT+WfFI Anus7Sx1J1kHkmPXOEkafPQUeLZHMvhbzEXL9rR2sn7uTN6dEtFpArFP3yGGRNlt en/EBSrkQHD4yIeNbpLcTTLwCYS8pi+ucKnGzggTONk4h2PkYko1ZpybCFAEDlo8 DZDqtbVbUuYQBe2CCoWamwYUKzn4ykP9L3K9lsBcDIUhg/PdLn8Eia4Ns0qyTBA= =qwhC -----END PGP SIGNATURE----- --Apple-Mail=_72276C91-126B-4117-B38D-102D6A7876C7--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?81785015-5083-451C-AC0B-4333CE766618>