2009年12月 9日

[installer 2167] ntp-4.2.4p8

ntp-4.2.4p8 出ています。

NTP mode 7 の DoS の修正が含まれています。
http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode
http://www.kb.cert.org/vuls/id/568372
参照のこと。

☆ ntp-4.2.4p8

http://www.ntp.org/
ftp://ftp.udel.edu/pub/ntp/ntp4/ntp-4.2/ntp-4.2.4p8.tar.gz)
ftp://archive.ntp.org/ntp4/ntp-4.2/ntp-4.2.4p8.tar.gz)
http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-4.2.4p8.tar.gz

NTP 4.2.4p8 (Harlan Stenn <stenn@xxxxx>, 2009/12/08)

Focus: Security Fixes

Severity: HIGH

This release fixes the following high-severity vulnerability:

* [Sec 1331] DoS with mode 7 packets - CVE-2009-3563.

See http://support.ntp.org/security for more information.

NTP mode 7 (MODE_PRIVATE) is used by the ntpdc query and control utility.
In contrast, ntpq uses NTP mode 6 (MODE_CONTROL), while routine NTP time
transfers use modes 1 through 5. Upon receipt of an incorrect mode 7
request or a mode 7 error response from an address which is not listed
in a "restrict ... noquery" or "restrict ... ignore" statement, ntpd will
reply with a mode 7 error response (and log a message). In this case:

* If an attacker spoofs the source address of ntpd host A in a
mode 7 response packet sent to ntpd host B, both A and B will
continuously send each other error responses, for as long as
those packets get through.

* If an attacker spoofs an address of ntpd host A in a mode 7
response packet sent to ntpd host A, A will respond to itself
endlessly, consuming CPU and logging excessively.

Credit for finding this vulnerability goes to Robin Park and Dmitri
Vinokurov of Alcatel-Lucent.

THIS IS A STRONGLY RECOMMENDED UPGRADE.

----
こがよういちろう


投稿者 xml-rpc : 2009年12月 9日 10:20
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/91289
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。