[ previous ] [ next ] [ threads ]
 From:  Manuel Kasper <mk at neon1 dot net>
 To:  Hilton De Meillon <wolfyrabbit at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] CVE-2009-0159, CVE-2009-1252
 Date:  Wed, 20 May 2009 12:19:37 +0200
On 20.05.2009, at 11:53, Hilton De Meillon wrote:

> Does anyone know if monowall is vulnerable to the new ntp  
> vulnerabilites : CVE-2009-0159, CVE-2009-1252

m0n0wall only uses the sntp program (or its predecessor MSNTP in  
earlier versions) from NTP, which is pretty much standalone and  
doesn't use any code from ntpq or ntpd. Therefore, as far as I can  
tell, it is not vulnerable to these particular NTP vulnerabilities.

- Manuel