Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Is there a Solaris fix for the NTP security hole found April 2001?

April Fix hole NTP security Solaris
0
Posted

Is there a Solaris fix for the NTP security hole found April 2001?

0 CommentsAdd a Comment

1 Answer

0

This is a security hole allows remote root access (very serious). It was found 4/4/2001 and is is documented at http://www.securityfocus.com/archive/1/174011 All NTP versions (for Solaris 2.6, 7, 8, & (alpha) 9) are impacted. Patches (released 15 October 2001) are now available from Sunsolve. Use 109667-04 for Solaris 8, 109409-04 for Solaris 7 and 107298-03 for Solaris 2.6. For details, see bugid 4434235. Note: the source for NTP version 4.0.99g or greater also has the fix for the April 2001 security hole. Workaround: If your server is accessible from the external Internet, disable xntpd(1M) immediately until you patch it. Sad to say, but this bug was used as an example, in a whitepaper by IBM, to show how much slower Sun reacts to security problems than Linux (or even IBM AIX).

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123