Re: [linux-security] ALERT: remote root exploit in ntpd (redhat, slackware)

[Martin Siegert <siegert@sfu.ca>]

On Fri, Apr 06, 2001 at 07:09:23PM -0700, Martin Siegert wrote:
> Topic
> =====
> possibility of remote root exploit in ntpd (time synchronization).

RedHat and Slackware have release patched versions of ntp.
Here is the upgrade information:

RedHat 6.x
----------
rpm -Fvh xntp3-5.93-15.i386.rpm
/etc/rc.d/init.d/xntpd restart

RedHat 7.0
----------
rpm -Fvh ntp-4.0.99k-15.i386.rpm
/etc/rc.d/init.d/ntpd restart

Slackware 7.1
-------------
upgrade to xntp3-5.93e (xntp.tgz):
     Make sure you are not running xntpd on your system.  This command
     should stop the daemon:

        killall xntpd

     Check to make sure it's not running:

        ps -ef | grep xntpd

     Once you have stopped the daemon, upgrade the package using
     upgradepkg:

        upgradepkg xntp.tgz

     Then you can restart the daemon:

        /usr/sbin/xntpd

Slackware-current
-----------------
upgrade to ntp-4.0.99k23 (ntp4.tgz):
     Make sure you are not running xntpd on your system.  This command
     should stop the daemon:

        killall xntpd

     Check to make sure it's not running:

        ps -ef | grep xntpd

     Once you have stopped the daemon, upgrade the package using
     upgradepkg:

        upgradepkg xntp%ntp4

     Then you can restart the daemon:

        /usr/sbin/ntpd