1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

NTP prior to 4.2.8 vulnerable

Discussion in 'Server Configuration and Hosting' started by Tracy Perry, Dec 21, 2014.

  1. Tracy Perry

    Tracy Perry Well-Known Member

    From support.ntp.org (figure most admins know about this already but several folks that run servers don't keep up with it nor update their server/VPS regularly).

    NTF's NTP Project has been notified of a number of vulnerabilities from Neel Mehta and Stephen Roettger of Google's Security Team. The two most serious of these issues and four less serious issues have been resolved as of ntp-4.2.8, which was released on 18 December 2014. There are still two less significant issues to be addressed. We're expecting to fix these within the next month.

    And from that wonderful ZDNet publication a scare you article.

    Main thing is.. if you use NTP and you haven't updated your VPS/Dedi, I'd suggest doing so.

Share This Page