[ntp:security] [Bug 2917] New: TALOS-CAN-0055: PCRWS: Infinite loop if extended logging enabled and the logfile and keyfile are the same.

bugzilla-daemon at ntp.org
Thu Oct 1 11:04:30 UTC 2015


http://bugs.ntp.org/show_bug.cgi?id=2917

             Bug #: 2917
           Summary: TALOS-CAN-0055: PCRWS: Infinite loop if extended
                    logging enabled and the logfile and keyfile are the
                    same.
           Product: ntp
           Version: 4.2.8
          Platform: PC
        OS/Version: All
            Status: CONFIRMED
          Severity: enhancement
          Priority: P5
         Component: Security Bugs
        AssignedTo: stenn at ntp.org
        ReportedBy: stenn at ntp.org
                CC: security at ntp.org
             Group: Security
    Classification: Unclassified


Harlan Stenn <stenn at ntp.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|                            |blocking4.2.8+

When sending a remote configuration file, an attacker can enable extended
logging via the logconfig=allall setting. An attacker can also set the keys
file when specifying this remote configuration. If the attacker sets the keys
file to be the log file, the key parsing will go into an endless loop. NTP will
log an invalid key in parsing, and will then subsequently parse that line as a
key and again log the error, continuing in an infinite loop.

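The feedback loop described in the report, as an added example that is not ntpd code and not part of the original message: a toy key reader that logs each invalid line, plus a same-file guard based on device and inode. The function names, file names, and the line cap that keeps the demonstration finite are all assumptions.

```c
#include <stdio.h>
#include <sys/stat.h>

/* 1 if both paths name the same file (device and inode match, so symlinks and
 * hard links are caught), 0 if not or if b does not exist yet, -1 on error. */
int same_file(const char *a, const char *b)
{
    struct stat sa, sb;
    if (stat(a, &sa) != 0) return -1;
    if (stat(b, &sb) != 0) return 0;
    return sa.st_dev == sb.st_dev && sa.st_ino == sb.st_ino;
}

/* Hypothetical reader: a line that is not "<id> <type> <key>" is reported by
 * appending to logpath. Returns lines read; max_lines bounds the demo. */
long read_keys(const char *keypath, const char *logpath, long max_lines)
{
    FILE *keys = fopen(keypath, "r"), *out = fopen(logpath, "a");
    char line[256], type[16], key[64];
    unsigned id;
    long n = (keys && out) ? 0 : -1;
    while (n >= 0 && n < max_lines && fgets(line, sizeof line, keys)) {
        n++;
        if (sscanf(line, "%u %15s %63s", &id, type, key) != 3) {
            fprintf(out, "invalid key on line %ld\n", n);
            fflush(out); /* the message is now visible to the reader */
        }
    }
    if (keys) fclose(keys);
    if (out) fclose(out);
    return n;
}

/* Constructed sample: one valid key line followed by one invalid line. */
int write_sample(const char *path)
{
    FILE *f = fopen(path, "w");
    if (!f) return -1;
    fputs("1 M examplekey\nnot-a-key\n", f);
    return fclose(f);
}

int main(void)
{
    write_sample("demo.keys");
    printf("separate log: %ld lines\n", read_keys("demo.keys", "demo.log", 1000));
    printf("guard says same file: %d\n", same_file("demo.keys", "demo.keys"));
    printf("log == keys: %ld lines\n", read_keys("demo.keys", "demo.keys", 1000));
    return 0;
}
```

With separate files the reader stops after the two sample lines; with the same path it only stops at the cap, because every logged error becomes the next line to parse. Running the guard before opening the keys file rejects that configuration.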