Home page logo
/

oss-sec logo oss-sec mailing list archives

CVE to the ntp monlist DDoS issue?
From: "Mike O'Connor" <mjo () dojo mi org>
Date: Mon, 30 Dec 2013 07:46:40 -0500

There's a recent rash of DDoS involving the monlist functionality
in older ntp.org ntp.  Has anyone thought about assigning a CVE to
this?  It looks like the issue may have been addressed back in 2010, 
but only in the context of ntp.org's "dev" tree, not "stable".  

http://bugs.ntp.org/show_bug.cgi?id=1532
https://cert.litnet.lt/en/docs/ntp-distributed-reflection-dos-attacks
http://www.symantec.com/connect/blogs/hackers-spend-christmas-break-launching-large-scale-ntp-reflection-attacks


-- 
 Michael J. O'Connor                                          mjo () dojo mi org
 =--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--==--=
"To collect sulphur, hold a deacon over a flame..."        -Anguished English

Attachment: _bin
Description:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]