Re[3]: [Full-Disclosure] Security aspects of time synchronization infrastructure
From: 3APA3A <3APA3A@SECURITY.NNOV.RU>
Date: Fri Aug 20 2004 - 05:35:30 EDT
Date: Fri Aug 20 2004 - 05:35:30 EDT
Dear 3APA3A,
--Friday, August 20, 2004, 10:21:51 AM, you wrote to mvp@joeware.net:
3> Before Windows 2000 SP4 it was possible to set date far in future (for
3> example to 2038). Locked accounts, expired certificates in addition to
3> "problem 2038" (Jan, 19 2038 is maximum date value for 32 bit time_t
3> timestamp used in many C compilers). But setting date 12 hours in future
3> or 12 hours in past still can produce a lot of harm.
Minor correction: because SNTP uses different timestamp format it's not
possible to set date behind 2036. But it's not so important.
-- ~/ZARAZA Появился новый тип элементарных частиц - шкварки. Не очень большие, слегка подгоревшие. (Лем) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.htmlReceived on Fri Aug 20 07:05:20 2004
This archive was generated by hypermail 2.1.8 : Fri Aug 20 2004 - 08:04:05 EDT
Custom Search
