[20111] in bugtraq
Re: ntp-4.99k23.tar.gz is available
daemon@ATHENA.MIT.EDU (David L. Mills)
Mon Apr 9 17:53:36 2001
Message-ID: <3AD1C975.6B4A21A7@udel.edu>
Date: Mon, 9 Apr 2001 15:38:45 +0100
Reply-To: "David L. Mills" <mills@UDEL.EDU>
From: "David L. Mills" <mills@UDEL.EDU>
X-To: "William D. Colburn (aka Schlake)" <wcolburn@nmt.edu>
To: BUGTRAQ@SECURITYFOCUS.COM
William,
The tarball was a panic release including the security fix, but has not
been thoroughly reviewed by our QA team. That's why the weird version
number. Expect a new release in a couple of days.
Dave
"William D. Colburn (aka Schlake)" wrote:
>
> I haven't seen an announcement anywhere, but I noticed it on the FTP
> server this morning. It is dated Friday evening.
>
> ftp://ftp.udel.edu/pub/ntp/ntp4/ntp-4.0.99k23.tar.gz
>
> I tried it out with the exploit posted by "babcia padlina
> ltd. <venglin@freebsd.lublin.pl>" and it seems to be safe. I never had
> a machine that the exploit worked against, but my ntp servers would exit
> with a segfault when it was run against them. The new server does not
> exit.
>
> I am sending a copy of this message to Dr. Mills, in the hopes that he can
> confirm for us that k23 is a final, fixed, version for this exploit.
>
> Also, someone on the ntp newsgroup this weekend said that the FreeBSD
> patch prevented the overflow, but still corrupted data because of an
> off-by-one error.
>
> --
> William Colburn, "Sysprog" <wcolburn@nmt.edu>
> Computer Center, New Mexico Institute of Mining and Technology
> http://www.nmt.edu/tcc/ http://www.nmt.edu/~wcolburn