NTP security hole CVE-2013-5211?
Palle Girgensohn
girgen at FreeBSD.org
Thu Jan 9 14:12:22 UTC 2014
9 jan 2014 kl. 15:08 skrev Eugene Grosbein <eugen at grosbein.net>:
> On 09.01.2014 19:38, Palle Girgensohn wrote:
>> They recommend at least 4.2.7. Any thoughts about this?
>
> Other than updating ntpd, you can filter out requests to 'monlist' command
> with 'restrict ... noquery' option that disables some queries for
> the internal ntpd status, including 'monlist'.
>
> See http://support.ntp.org/bin/view/Support/AccessRestrictions for details.
Yes. But shouldn't there be a security advisory for FreeBSD specifically?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20140109/ab2a69b4/attachment.sig>
More information about the freebsd-security
mailing list