CVE-2010-0294 Information

Description

chronyd in Chrony before 1.23.1 and possibly 1.24-pre1 generates a syslog message for each unauthorized cmdmon packet which allows remote attackers to cause a denial of service (disk consumption) via a large number of invalid packets.

Reference

http://chrony.tuxfamily.org/News.html http://git.tuxfamily.org/chrony/chrony.git/?p=gitroot/chrony/chrony.git;a=commit;h=0b710499f994823bd938fc6895f097eefb9cc59f http://secunia.com/advisories/38428 http://secunia.com/advisories/38480 http://www.debian.org/security/2010/dsa-1992 http://www.securityfocus.com/bid/38106 https://bugzilla.redhat.com/show_bug.cgi?id=555367