Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NTPd vulnerability [CVE-2014-9295 / CERT VU#852879]

    Scheduled Pinned Locked Moved 2.2 Snapshot Feedback and Problems - RETIRED
    3 Posts 3 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • luckman212L
      luckman212 LAYER 8
      last edited by

      Some news hit the wire recently about a dangerous NTP vuln:

      http://support.ntp.org/bin/view/Main/SecurityNotice#Buffer_overflow_in_ctl_putdata (site currently offline, possibly due to DoS)
      https://news.ycombinator.com/item?id=8773341

      Just wondering if pfSense is vulnerable to this? Do we need to patch or block something in response here? I read that BSD uses OpenNTPD which at first I had heard was impervious to this, but on https://doc.pfsense.org/index.php/NTP_Server it states "The ntp.org NTPD distribution of ntpd is used" so now I am not sure. Any comments?

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        We're still investigating it internally.

        Some more related links:

        Google Cache of the NTP.org notice:
        https://webcache.googleusercontent.com/search?q=cache:jMcfipOGXXwJ:support.ntp.org/bin/view/Main/SecurityNotice+&cd=4&hl=en&ct=clnk&gl=us

        CERT Page:
        http://www.kb.cert.org/vuls/id/852879

        Redhat entry with some Analysis (that sounds not-too-bad, actually):
        https://bugzilla.redhat.com/show_bug.cgi?id=1176037#c11

        NMAP script to check versions, but not an exploit test:
        https://gist.github.com/TomSellers/8d887db6ba11e2466db5

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • C
          cmb
          last edited by

          what we know at this point.
          https://blog.pfsense.org/?p=1514

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.