[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [linux-security] ALERT: remote root exploit in ntpd

To: linux-security@sfu.ca
Subject: Re: [linux-security] ALERT: remote root exploit in ntpd
From: Martin Siegert <siegert@sfu.ca>
Date: Fri, 6 Apr 2001 19:18:14 -0700
In-Reply-To: <20010406190923.A14853@stikine.ucs.sfu.ca>; from siegert@sfu.ca on Fri, Apr 06, 2001 at 07:09:23PM -0700
References: <20010406190923.A14853@stikine.ucs.sfu.ca>
User-Agent: Mutt/1.2.5i

On Fri, Apr 06, 2001 at 07:09:23PM -0700, Martin Siegert wrote:

> Workaround
> ==========
> If you are using ntpd only to synchronize time with external servers, i.e.,
> if you are using ntpd only as a client (no machines connect to your machine
> to get the time from it), then you can add the following line to you
> /etc/ntp.conf file:
> 
> restrict default ignore
> 
> This was reported to prevent the exploit.

If you choose this workaround, do not forget to restart ntpd (or xntpd) after
changing the /etc/ntp.conf file.

References:
- [linux-security] ALERT: remote root exploit in ntpd
  - From: Martin Siegert <siegert@sfu.ca>
- [linux-security] ALERT: remote root exploit in ntpd
  - From: Martin Siegert <siegert@sfu.ca>

Prev by Date: [linux-security] ALERT: remote root exploit in ntpd
Next by Date: Re: [linux-security] ALERT: remote root exploit in ntpd (Caldera)
Prev by thread: [linux-security] ALERT: remote root exploit in ntpd
Next by thread: Re: [linux-security] ALERT: remote root exploit in ntpd (Caldera)
Index(es):
- Date
- Thread