[ntp:security] Potential issue with KoD security fix and follow-up bug fix

Harlan Stenn stenn at nwtime.org
Mon Jan 4 20:12:48 UTC 2016


Hi Jim,

What proposed fix for bug 2952?  If it's a proposed fix that comes with the report, we know that doesn't work.  Our fix for 2952 should be published soon.

I think the patch you suggest is wrong because lighting TEST2 on client packets should still get the packet discarded later in the code. 

Sent from my iPhone - please excuse brevity and typos

> On Jan 4, 2016, at 10:45 AM, Jim McCormick <jim.mccormick at alcatel-lucent.com> wrote:
> 
> Hi,
> 
> After picking up the KoD security fix under bug 2901, we noticed that active/passive peering was broken.  I see this is being addressed by bug 2952, however the proposed fix for 2952 makes 2901 vulnerable again because after the origin timestamp is validated the KoD packet is no longer discarded.
> 
> I want to make sure that 2952 is implemented without opening a known security hole.  Perhaps instead of commenting out the return statements in the two places where TEST2 is set, wrap the return statement in a check for server mode:
> 
> if (hismode == MODE_SERVER) {
>     return;   /* Bogus packet from server, we are done. */
> }
> 
> Regards,
> Jim
> _______________________________________________
> security mailing list
> security at lists.ntp.org
> http://lists.ntp.org/listinfo/security