NTP security hole CVE-2013-5211?

Eugene Grosbein eugen at grosbein.net
Thu Jan 9 14:08:51 UTC 2014


On 09.01.2014 19:38, Palle Girgensohn wrote:
> They recommend at least 4.2.7. Any thoughts about this?

Other than updating ntpd, you can filter out requests to 'monlist' command
with 'restrict ... noquery' option that disables some queries for
the internal ntpd status, including 'monlist'.

See http://support.ntp.org/bin/view/Support/AccessRestrictions for details.

Eugene Grosbein




More information about the freebsd-security mailing list