NTP security hole CVE-2013-5211?

Fabian Wenk fabian at wenks.ch
Thu Jan 16 09:41:27 UTC 2014


Hello Dag-Erling

On 14.01.2014 14:06, Dag-Erling Smørgrav wrote:
> Cristiano Deana <cristiano.deana at gmail.com> writes:
>> I tried several workaround with config and policy, and ended up you MUST
>> have 4.2.7 to stop these kind of attacks.
>
> Doesn't "restrict noquery" block monlist in 4.2.6?

It does at least in 4.2.4p8 (running on FreeBSD 9.1), so I guess 
this should also work in newer versions.


bye
Fabian


More information about the freebsd-security mailing list