[ntp:security] Potential issue with KoD security fix and follow-up bug fix

Jim McCormick jim.mccormick at alcatel-lucent.com
Mon Jan 4 18:45:14 UTC 2016


After picking up the KoD security fix under bug 2901 
<http://bugs.ntp.org/show_bug.cgi?id=2901>, we noticed that 
active/passive peering was broken.  I see this is being addressed by bug 
2952 <http://bugs.ntp.org/show_bug.cgi?id=2952>, however the proposed 
fix for 2952 makes 2901 vulnerable again because after the origin 
timestamp is validated the KoD packet is no longer discarded.

I want to make sure that 2952 is implemented without opening a known 
security hole.  Perhaps instead of commenting out the return statements 
in the two places where TEST2 is set, wrap the return statement in a check 
for server mode:

  if (hismode == MODE_SERVER) {
     return;   /* Bogus packet from server, we are done. */
  }
