Re: [Fed-Talk] Snow Leopard NTP issue
- Subject: Re: [Fed-Talk] Snow Leopard NTP issue
- From: "Downin, David M CIV NSWCCD West Bethesda, 513" <email@hidden>
- Date: Thu, 02 Feb 2012 09:35:57 -0500
- Thread-topic: [Fed-Talk] Snow Leopard NTP issue
Yes, that should fix the vulnerability - however that alone will not keep it from showing in a Retina scan as all they are looking at is the version number of the executable. So you may still want to change the version number even after removing the line noted below. Also, I just noticed that line doesn't appear in the ntp.conf file I had. Mine was just a single line indicating the server to connect to.
-----Original Message-----
From: fed-talk-bounces+david.downin=email@hidden on behalf of Traynor, Paul I
Sent: Wed 2/1/2012 3:31 PM
To: email@hidden; email@hidden
Cc: email@hidden
Subject: Re: [Fed-Talk] Snow Leopard NTP issue
Mitigation (excerpted from http://www.kb.cert.org/vuls/id/853097):
Disable autokey
This vulnerability can be mitigated by removing the "crypto pw password"
line (no quotes) from the ntp.conf file.
----------------------------------------------------------
-----Original Message-----
From: fed-talk-bounces+paul.i.traynor=email@hidden
[mailto:fed-talk-bounces+paul.i.traynor=email@hidden] On
Behalf Of Todd Heberlein
Sent: Wednesday, February 01, 2012 11:55 AM
To: Smith CIV Larry E
Cc: email@hidden
Subject: Re: [Fed-Talk] Snow Leopard NTP issue
On Feb 1, 2012, at 5:14 AM, Smith CIV Larry E wrote:
> I've been working my way through mitigating issues found in a recent
> Retina scan and the only thing I'm having an issue with, is finding a fix
> for a "ntpd Autokey Buffer Overflow" vulnerability (CVE-2009-1252).
Network-based vulnerability scanners are known to generate false positives.
Has there been confirmation that this vulnerability exists and is
exploitable in Snow Leopard?
Todd
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
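A way to check a host's ntp.conf for the line the quoted CERT mitigation says to remove, and to see the server-only case described in the top reply. This is an added example, not part of the thread; the function name `check_ntp_autokey` and the sample configuration files are constructed for illustration.

```shell
#!/bin/sh
# Added example: report active "crypto" directives in an ntp.conf-style file.
# Exit status: 0 = no active crypto line, 1 = at least one found, 2 = unreadable.
check_ntp_autokey() {
    conf="$1"
    [ -r "$conf" ] || { echo "cannot read: $conf" >&2; return 2; }
    awk '
        {
            sub(/#.*/, "")              # strip comments; awk re-splits the fields
            if ($1 != "crypto") next    # only the crypto directive matters here
            has_pw = "no"
            for (i = 2; i < NF; i++)    # "pw" counts only when a value follows it
                if ($i == "pw") has_pw = "yes"
            printf "%d: crypto directive active (pw set: %s)\n", NR, has_pw
            found = 1
        }
        END { exit (found ? 1 : 0) }
    ' "$conf"
}

# Constructed sample files: one with only a server line, one with the
# "crypto pw" line plus a commented-out copy that must not be reported.
demo_dir=$(mktemp -d /tmp/ntpcheck.XXXXXX)
printf 'server time.example.com\n' > "$demo_dir/server_only.conf"
printf 'server time.example.com\n  crypto pw examplepw  # constructed\n#crypto pw old\n' \
    > "$demo_dir/with_crypto.conf"

for name in server_only with_crypto; do
    if check_ntp_autokey "$demo_dir/$name.conf"; then
        echo "$name: no active crypto line"
    else
        echo "$name: crypto line present, remove it per the mitigation"
    fi
done
rm -rf "$demo_dir"
```

On a real host the call would be `check_ntp_autokey /etc/ntp.conf`; the result describes the configuration only and does not change what a scanner that keys on the executable's version number reports.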