> > Has anyone tested the exploit against embedded ntp implementations
> > such as in Cisco router, for example, to see
> > if the daemon would misbehave, etc.?
>
> Cisco has said they are aware of the advisories and investigating the
> issue. That's all I know. I do not have a convenient sacrificial Cisco
> box at the moment... but I probabaly should go set one up for this
> and other games.
I tried the exploit against a cisco 2614/IOS 10.3 and a cisco 3640/IOS
12.0 when the exploit first came out, and there was no evidence of any
effect.
Since April 7 I've been running ntpd/4.99k23 on an assortment of Linux
systems and on a pair of antique Sparc 2's running SunOS 4.1.3. All
seem happy, are keeping good time, and are unaffected by the exploit.
--
Dick St.Peters, [EMAIL PROTECTED]
