Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 208517 Details for
Bug 290881
<net-misc/ntp-4.2.4_p7-r1 Mode 7 message loop Denial of service (CVE-2009-3563)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
ntp-4.2.4_p7-CVE-2009-3563.patch
ntp-4.2.4_p7-CVE-2009-3563.patch (text/plain), 1.71 KB, created by
Robert Buchholz (RETIRED)
on 2009-10-28 13:58:53 UTC
(
hide
)
Description:
ntp-4.2.4_p7-CVE-2009-3563.patch
Filename:
MIME Type:
Creator:
Robert Buchholz (RETIRED)
Created:
2009-10-28 13:58:53 UTC
Size:
1.71 KB
patch
obsolete
># This is a BitKeeper generated diff -Nru style patch. ># ># ChangeSet ># 2009/10/07 01:33:22+00:00 davehart@shiny.ad.hartbrothers.com ># [Sec 1331] DoS with mode 7 packets - CVE-2009-3563. ># ># ChangeLog ># 2009/10/07 01:33:21+00:00 davehart@shiny.ad.hartbrothers.com +4 -0 ># [Sec 1331] DoS with mode 7 packets - CVE-2009-3563. ># ># ntpd/ntp_request.c ># 2009/10/07 01:33:21+00:00 davehart@shiny.ad.hartbrothers.com +9 -2 ># [Sec 1331] DoS with mode 7 packets - CVE-2009-3563. ># >Index: ntp-4.2.4p7/ChangeLog >=================================================================== >--- ntp-4.2.4p7.orig/ChangeLog >+++ ntp-4.2.4p7/ChangeLog >@@ -1,4 +1,8 @@ > --- >+ >+* [Sec 1331] DoS with mode 7 packets - CVE-2009-3563. >+ >+--- > (4.2.4p7) 2009/05/18 Released by Harlan Stenn <stenn@ntp.org> > > * [Sec 1151] Remote exploit if autokey is enabled - CVE-2009-1252. >Index: ntp-4.2.4p7/ntpd/ntp_request.c >=================================================================== >--- ntp-4.2.4p7.orig/ntpd/ntp_request.c >+++ ntp-4.2.4p7/ntpd/ntp_request.c >@@ -409,6 +409,7 @@ process_private( > int mod_okay > ) > { >+ static u_long quiet_until; > struct req_pkt *inpkt; > struct req_pkt_tail *tailinpkt; > struct sockaddr_storage *srcadr; >@@ -444,8 +445,14 @@ process_private( > || (++ec, INFO_MBZ(inpkt->mbz_itemsize) != 0) > || (++ec, rbufp->recv_length < REQ_LEN_HDR) > ) { >- msyslog(LOG_ERR, "process_private: INFO_ERR_FMT: test %d failed, pkt from %s", ec, stoa(srcadr)); >- req_ack(srcadr, inter, inpkt, INFO_ERR_FMT); >+ NLOG(NLOG_SYSEVENT) >+ if (current_time >= quiet_until) { >+ msyslog(LOG_ERR, >+ "process_private: drop test %d" >+ " failed, pkt from %s", >+ ec, stoa(srcadr)); >+ quiet_until = current_time + 60; >+ } > return; > } >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 290881
: 208517 |
208519