<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Full Disclosure: Re: ntpd segfaults accessing IPv6 hosts

Re: ntpd segfaults accessing IPv6 hosts

From: <mayer_at_gis.net>
Date: Mon, 01 Nov 2004 10:30:26 -0500

----- Original Message Follows -----
> Hi full-disclosure!
>
> ntpd 1:4.2.0a-11 (as in debian testing/sarge and unstable/sid)
> segfaults when accessing ntp servers on IPv6 hosts. I don't know
> whether this bug is exploitable. But such a server on
> pool.ntp.org might DoS many servers.

There are no IPv6 addresses in pool.ntp.org so there is no risk here.
(dig AAAA pool.ntp.org)

>
> There is a fixed version available.
>

The latest ntp-dev tarball should have the fixes. Currently the
number of ntp servers with IPv6 AAAA records is very low.

> For more details see http://bugzilla.ntp.org/show_bug.cgi?id=353
>
> Bernhard
>

Danny
NTP Development

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Received on Nov 01 2004

This message: [ Message body ]
Next message: Luke Macken: "[ GLSA 200411-01 ] ppp: Remote denial of service vulnerability"
Previous message: Meder Kydyraliev: "Re: How secure is PHP ?"
Maybe in reply to: Bernhard Kuemel: "ntpd segfaults accessing IPv6 hosts"
Next in thread: evilninja: "Re: ntpd segfaults accessing IPv6 hosts"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]