[ntp:security] [Bug 2946] New: Origin Leak: ntpq and ntpdc Disclose Origin Timestamp to Unauthenticated Clients

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Sat Oct 17 09:03:51 UTC 2015


http://bugs.ntp.org/show_bug.cgi?id=2946

             Bug #: 2946
           Summary: Origin Leak: ntpq and ntpdc Disclose Origin Timestamp
                    to Unauthenticated Clients
           Product: ntp
           Version: 4.2.8
          Platform: All
        OS/Version: All
            Status: CONFIRMED
          Severity: normal
          Priority: P5
         Component: Security Bugs
        AssignedTo: stenn at ntp.org
        ReportedBy: stenn at ntp.org
                CC: security at ntp.org
             Group: Security
    Classification: Unclassified


Harlan Stenn <stenn at ntp.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|                            |blocking4.2.8+

Created attachment 1351
  --> http://bugs.ntp.org/attachment.cgi?id=1351
Description

To prevent off-path attackers from impersonating legitimate peers,
    clients require that the origin timestamp in a received response
    packet match the transmit timestamp from its last request to a
    given peer.  Under assumption that only the recipient of the
    request packet will know the value of the transmit timestamp, this
    prevents an attacker from forging replies.

    Unfortunately, ntpq and ntpdc will disclose the value of the origin
    timestamp expected in the next peer response to any clients that are
    authorized to make ntpq (respectively ntpdc) queries.

-- 
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the security mailing list