[Bug 193303] New: NTP needs to be updated as a matter of urgency
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Sep 4 04:26:17 UTC 2014
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=193303
Bug ID: 193303
Summary: NTP needs to be updated as a matter of urgency
Product: Ports Tree
Version: Latest
Hardware: Any
OS: Any
Status: Needs Triage
Severity: Affects Many People
Priority: ---
Component: Individual Port(s)
Assignee: freebsd-ports-bugs at FreeBSD.org
Reporter: dave at horsfall.org
As I type this, my NTPD server is under a DoS attack from a botnet, using a
vulnerability known since late 2013. The ports tree urgently needs to be
upgraded to NTP 4.2.7.p26; it currently has 4.2.6p2, which is vulnerable.
I have since firewalled inbound ntp/udp, as I am not peering.
More information at
http://support.ntp.org/bin/view/Main/SecurityNotice#DRDoS_Amplification_Attack_using
Please address. Thanks.
-- Dave
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list