ye.xingchen@xxxxxxxxxx <ye.xingchen@xxxxxxxxxx> wrote: > From: YeXingchen <ye.xingchen@xxxxxxxxxx> > > The CVE-1999-0524 vulnerability is associated with ICMP > timestamp messages, which can be exploited to conduct > a denial-of-service (DoS) attack. In the Vulnerability > Priority Rating (VPR) system, this vulnerability was > rated as a medium risk in May of this year. > Link:https://www.tenable.com/plugins/nessus/10113 Please explain at least one scenario where this is a problem. AFAICS there is none and Linux is not affected by this. > To protect embedded systems that cannot run firewalls > from attacks exploiting the CVE-1999-0524 vulnerability, > the icmp_timestamp_ignore_all sysctl is offered as If there is an actual problem, then this should be on by default or the entire feature should be removed. But I don't think there is a problem in the first place.
