Attachment #208517 for bug #290881

View | Details | Raw Unified | Return to bug 290881
Collapse All | Expand All

Lines 1-4 Link Here

(-)ntp-4.2.4p7/ChangeLog (+4 lines)
1	---	1	---
		2
		3	* [Sec 1331] DoS with mode 7 packets - CVE-2009-3563.
		4
		5	---
2	(4.2.4p7) 2009/05/18 Released by Harlan Stenn <stenn@ntp.org>	6	(4.2.4p7) 2009/05/18 Released by Harlan Stenn <stenn@ntp.org>
3		7
4	* [Sec 1151] Remote exploit if autokey is enabled - CVE-2009-1252.	8	* [Sec 1151] Remote exploit if autokey is enabled - CVE-2009-1252.

Lines 409-414 process_private( Link Here

(-)ntp-4.2.4p7/ntpd/ntp_request.c (-2 / +9 lines)
409	int mod_okay	409	int mod_okay
410	)	410	)
411	{	411	{
		412	static u_long quiet_until;
412	struct req_pkt *inpkt;	413	struct req_pkt *inpkt;
413	struct req_pkt_tail *tailinpkt;	414	struct req_pkt_tail *tailinpkt;
414	struct sockaddr_storage *srcadr;	415	struct sockaddr_storage *srcadr;
Lines 444-451 process_private( Link Here
444	\|\| (++ec, INFO_MBZ(inpkt->mbz_itemsize) != 0)	445	\|\| (++ec, INFO_MBZ(inpkt->mbz_itemsize) != 0)
445	\|\| (++ec, rbufp->recv_length < REQ_LEN_HDR)	446	\|\| (++ec, rbufp->recv_length < REQ_LEN_HDR)
446	) {	447	) {
447	msyslog(LOG_ERR, "process_private: INFO_ERR_FMT: test %d failed, pkt from %s", ec, stoa(srcadr));	448	NLOG(NLOG_SYSEVENT)
448	req_ack(srcadr, inter, inpkt, INFO_ERR_FMT);	449	if (current_time >= quiet_until) {
		450	msyslog(LOG_ERR,
		451	"process_private: drop test %d"
		452	" failed, pkt from %s",
		453	ec, stoa(srcadr));
		454	quiet_until = current_time + 60;
		455	}
449	return;	456	return;
450	}	457	}
451		458

Return to bug 290881