o Fix a potential ROOT-exploit in NTPD.

(grabbed from src/contrib/ntp/ntpd)
o new maintainer.

PR:		26369
Submitted by:	Cy Schubert <Cy.Schubert@uumail.gov.bc.ca>
FUJISHIMA Satsuki 2001-04-05 19:59:25 +00:00
parent 7107f92464
commit 47c0440329
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=40915
6 changed files with 78 additions and 3 deletions


@ -7,10 +7,11 @@
PORTNAME= ntp
PORTVERSION= 4.0.99k
PORTREVISION= 1
CATEGORIES= net
MASTER_SITES= ftp://ftp.udel.edu/pub/ntp/ntp4/
MAINTAINER= ports@FreeBSD.org
MAINTAINER= Cy.Schubert@uumail.gov.bc.ca
# ntp's configure script created by autoconf 2.14.1 doesn't work
# if GNU_CONFIGURE is defined


@ -0,0 +1,24 @@
--- ntpd/ntp_control.c.orig Sat Jul 15 23:46:05 2000
+++ ntpd/ntp_control.c Fri Apr 6 01:05:57 2001
@@ -1821,9 +1821,19 @@
while (cp < reqend &&
isspace((int)*cp))
cp++;
- while (cp < reqend && *cp !=
- ',')
+ while (cp < reqend && *cp != ',') {
*tp++ = *cp++;
+ if (tp > buf + sizeof(buf)) {
+ msyslog(LOG_WARNING, "Attempted \"ntpdx\" exploit from IP %d.%d.%d.%d:%d (possibly spoofed)\n",
+ (ntohl(rmt_addr->sin_addr.s_addr) >> 24) & 0xff,
+ (ntohl(rmt_addr->sin_addr.s_addr) >> 16) & 0xff,
+ (ntohl(rmt_addr->sin_addr.s_addr) >> 8) & 0xff,
+ (ntohl(rmt_addr->sin_addr.s_addr) >> 0) & 0xff,
+ ntohs(rmt_addr->sin_port)
+);
+ return (0);
+ }
+ }
if (cp < reqend)
cp++;
*tp = '\0';
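Review bot: The added bounds check in the copy loop runs after `*tp++ = *cp++` and tests `tp > buf + sizeof(buf)`, so it only fires once a byte has already been stored at `buf[sizeof(buf)]`; and when the loop ends with `tp == buf + sizeof(buf)`, the trailing `*tp = '\0'` also lands one past the end. Changing the test to `if (tp >= buf + sizeof(buf)) {` stops the copy while there is still room for the terminator. This assumes `buf` is the array that `tp` starts from; its declaration and the rest of the enclosing function are outside the hunk. The same patch body is repeated in the two later file sections on this page and needs the same change.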


@ -7,10 +7,11 @@
PORTNAME= ntp
PORTVERSION= 4.0.99k
PORTREVISION= 1
CATEGORIES= net
MASTER_SITES= ftp://ftp.udel.edu/pub/ntp/ntp4/
MAINTAINER= ports@FreeBSD.org
MAINTAINER= Cy.Schubert@uumail.gov.bc.ca
# ntp's configure script created by autoconf 2.14.1 doesn't work
# if GNU_CONFIGURE is defined


@ -0,0 +1,24 @@
--- ntpd/ntp_control.c.orig Sat Jul 15 23:46:05 2000
+++ ntpd/ntp_control.c Fri Apr 6 01:05:57 2001
@@ -1821,9 +1821,19 @@
while (cp < reqend &&
isspace((int)*cp))
cp++;
- while (cp < reqend && *cp !=
- ',')
+ while (cp < reqend && *cp != ',') {
*tp++ = *cp++;
+ if (tp > buf + sizeof(buf)) {
+ msyslog(LOG_WARNING, "Attempted \"ntpdx\" exploit from IP %d.%d.%d.%d:%d (possibly spoofed)\n",
+ (ntohl(rmt_addr->sin_addr.s_addr) >> 24) & 0xff,
+ (ntohl(rmt_addr->sin_addr.s_addr) >> 16) & 0xff,
+ (ntohl(rmt_addr->sin_addr.s_addr) >> 8) & 0xff,
+ (ntohl(rmt_addr->sin_addr.s_addr) >> 0) & 0xff,
+ ntohs(rmt_addr->sin_port)
+);
+ return (0);
+ }
+ }
if (cp < reqend)
cp++;
*tp = '\0';


@ -7,10 +7,11 @@
PORTNAME= ntp
PORTVERSION= 4.0.99k
PORTREVISION= 1
CATEGORIES= net
MASTER_SITES= ftp://ftp.udel.edu/pub/ntp/ntp4/
MAINTAINER= ports@FreeBSD.org
MAINTAINER= Cy.Schubert@uumail.gov.bc.ca
# ntp's configure script created by autoconf 2.14.1 doesn't work
# if GNU_CONFIGURE is defined


@ -0,0 +1,24 @@
--- ntpd/ntp_control.c.orig Sat Jul 15 23:46:05 2000
+++ ntpd/ntp_control.c Fri Apr 6 01:05:57 2001
@@ -1821,9 +1821,19 @@
while (cp < reqend &&
isspace((int)*cp))
cp++;
- while (cp < reqend && *cp !=
- ',')
+ while (cp < reqend && *cp != ',') {
*tp++ = *cp++;
+ if (tp > buf + sizeof(buf)) {
+ msyslog(LOG_WARNING, "Attempted \"ntpdx\" exploit from IP %d.%d.%d.%d:%d (possibly spoofed)\n",
+ (ntohl(rmt_addr->sin_addr.s_addr) >> 24) & 0xff,
+ (ntohl(rmt_addr->sin_addr.s_addr) >> 16) & 0xff,
+ (ntohl(rmt_addr->sin_addr.s_addr) >> 8) & 0xff,
+ (ntohl(rmt_addr->sin_addr.s_addr) >> 0) & 0xff,
+ ntohs(rmt_addr->sin_port)
+);
+ return (0);
+ }
+ }
if (cp < reqend)
cp++;
*tp = '\0';