[ntp:security] [Bug 2945] 0rigin: Zero Origin Timestamp Bypass

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Mon Oct 19 17:20:01 UTC 2015


http://bugs.ntp.org/show_bug.cgi?id=2945

Danny Mayer <mayer at ntp.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mayer at ntp.org

--- Comment #3 from Danny Mayer <mayer at ntp.org> 2015-10-19 17:20:01 UTC ---
(In reply to comment #2)
> The repo is in
> 
>   psp.ntp.org:~perlinger/ntp-stable2945.
> 
> Now the packet is dropped as bogus when the origin time stamp is zero or the
> packet origin does not match the peer origin. This does what the check
> originally intended -- drop unwanted reply packets.
> 
> I guess the original assumption was that no server would send a zero origin
> time stamp. Which is probably true for servers, but it's easy to create network
> packets.

For Broadcast and Multicast packets the origin timestamp IS zero. Will the fix
break these or are they accounted for separately?

-- 
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the security mailing list