Apple-2gs-SW/hush
1
0
Fork 0
mirror of https://github.com/sheumann/hush.git synced 2024-09-27 06:54:26 +00:00
Code Issues Projects Releases Wiki Activity
150dc7a2b4
hush/networking
History
Miroslav Lichvar 150dc7a2b4 ntpd: respond only to client and symmetric active packets 
The busybox NTP implementation doesn't check the NTP mode of packets
received on the server port and responds to any packet with the right
size. This includes responses from another NTP server. An attacker can
send a packet with a spoofed source address in order to create an
infinite loop of responses between two busybox NTP servers. Adding
more packets to the loop increases the traffic between the servers
until one of them has a fully loaded CPU and/or network.

Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
2016-08-01 20:25:06 +02:00
..
libiproute ip: fix problem on mips64 n64 big endian musl systems 2016-04-24 17:39:02 +02:00
ssl_helper
ssl_helper-wolfssl ssl_helper.sh: strip was invoked incorrectly 2016-07-25 17:12:46 +02:00
udhcp getopt32: add new syntax of 'o:+' and 'o:*' for -o NUM and -o LIST 2016-07-06 21:58:02 +02:00
arp.c arp: fix buffer overflow. Closes 9071 2016-07-04 17:38:01 +02:00
arping.c getopt32: add new syntax of 'o:+' and 'o:*' for -o NUM and -o LIST 2016-07-06 21:58:02 +02:00
brctl.c
Config.src
dnsd.c
ether-wake.c
ftpd.c getopt32: add new syntax of 'o:+' and 'o:*' for -o NUM and -o LIST 2016-07-06 21:58:02 +02:00
ftpgetput.c *: add most of the required setup_common_bufsiz() calls 2016-04-21 18:18:48 +02:00
hostname.c
httpd_indexcgi.c
httpd_post_upload.txt
httpd_ssi.c
httpd.c *: hopefully all setup_common_bufsiz() are in place 2016-04-21 18:38:51 +02:00
ifconfig.c
ifenslave.c
ifplugd.c getopt32: add new syntax of 'o:+' and 'o:*' for -o NUM and -o LIST 2016-07-06 21:58:02 +02:00
ifupdown.c *: add most of the required setup_common_bufsiz() calls 2016-04-21 18:18:48 +02:00
inetd.c getopt32: add new syntax of 'o:+' and 'o:*' for -o NUM and -o LIST 2016-07-06 21:58:02 +02:00
interface.c
ip.c
ipcalc.c
isrv_identd.c *: hopefully all setup_common_bufsiz() are in place 2016-04-21 18:38:51 +02:00
isrv.c
isrv.h
Kbuild.src
nameif.c
nbd-client.c
nc_bloaty.c getopt32: add new syntax of 'o:+' and 'o:*' for -o NUM and -o LIST 2016-07-06 21:58:02 +02:00
nc.c *: hopefully all setup_common_bufsiz() are in place 2016-04-21 18:38:51 +02:00
netstat.c
nslookup.c
ntpd.c ntpd: respond only to client and symmetric active packets 2016-08-01 20:25:06 +02:00
ntpd.diff
ping.c getopt32: add new syntax of 'o:+' and 'o:*' for -o NUM and -o LIST 2016-07-06 21:58:02 +02:00
pscan.c
route.c typo fixes 2016-07-19 17:48:55 +02:00
slattach.c *: add most of the required setup_common_bufsiz() calls 2016-04-21 18:18:48 +02:00
tc.c *: add most of the required setup_common_bufsiz() calls 2016-04-21 18:18:48 +02:00
tcpudp_perhost.c
tcpudp_perhost.h
tcpudp.c getopt32: add new syntax of 'o:+' and 'o:*' for -o NUM and -o LIST 2016-07-06 21:58:02 +02:00
telnet.c *: add most of the required setup_common_bufsiz() calls 2016-04-21 18:18:48 +02:00
telnetd.c getopt32: add new syntax of 'o:+' and 'o:*' for -o NUM and -o LIST 2016-07-06 21:58:02 +02:00
telnetd.ctrlSQ.patch *: slap on a few ALIGN1/2s where appropriate 2016-04-22 18:09:21 +02:00
tftp.c *: add most of the required setup_common_bufsiz() calls 2016-04-21 18:18:48 +02:00
traceroute.c getopt32: add new syntax of 'o:+' and 'o:*' for -o NUM and -o LIST 2016-07-06 21:58:02 +02:00
tunctl.c
vconfig.c
wget.c wget: run s_client helper with -servername HOST 2016-07-25 21:34:57 +02:00
whois.c getopt32: add new syntax of 'o:+' and 'o:*' for -o NUM and -o LIST 2016-07-06 21:58:02 +02:00
zcip.c *: add most of the required setup_common_bufsiz() calls 2016-04-21 18:18:48 +02:00