NTPd vulnerability [CVE-2014-9295 / CERT VU#852879]
luckman212 last edited by
Some news hit the wire recently about a dangerous NTP vuln:
http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata (site currently offline, possibly due to DoS)
Just wondering if pfSense is vulnerable to this? Do we need to patch or block something in response here? I read that BSD uses OpenNTPD, which at first I had heard was impervious to this, but on https://doc.pfsense.org/index.php/NTP_Server it states "The ntp.org NTPD distribution of ntpd is used", so now I am not sure. Any comments?
We're still investigating it internally.
Some more related links:
Google Cache of the NTP.org notice:
Red Hat entry with some analysis (that sounds not-too-bad, actually):
Nmap script to check versions, but not an exploit test:
what we know at this point.