[ntp:security] [Bug 3454] Unauthenticated packet can reset authenticated interleaved association

bugzilla-daemon at ntp.org bugzilla-daemon at ntp.org
Fri Jan 26 04:33:42 UTC 2018


http://bugs.ntp.org/show_bug.cgi?id=3454

Harlan Stenn <stenn at ntp.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Priority|P5                          |P2
           Severity|enhancement                 |major

--- Comment #1 from Harlan Stenn <stenn at ntp.org> 2018-01-26 04:33:26 UTC ---
Miroslav writes:

When a peer with an authenticated interleaved association receives an
unauthenticated packet with an incorrect non-zero origin timestamp,
it will reset the protocol and not use the next received packet for
synchronization.

An off-path attacker can exploit this issue to temporarily break the
association by sending the peer a spoofed unauthenticated packet. If
the attacker sends the packets repeatedly, the peers will not be able
to synchronize to each other.

The fix is to check authentication before setting the FLAG_XBOGUS
flag. Unauthenticated packets should be ignored in an authenticated
association.

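The check ordering described in the comment above, as an added example that is not part of the original message and is not ntpd's code: a simplified receive-path model run with the origin check first and with the authentication check first. Only the name FLAG_XBOGUS comes from the report; the structs, function names, flag value and timestamp values are hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define FLAG_XBOGUS 0x1u  /* name from the report; the value here is arbitrary */

struct pkt   { uint64_t org; int authenticated; };                       /* hypothetical */
struct assoc { uint64_t expected_org; unsigned flags; int requires_auth; }; /* hypothetical */

/* Returns 1 if the packet is used for synchronization, 0 if it is dropped.
 * auth_first = 0: origin check runs before authentication (reported behaviour).
 * auth_first = 1: unauthenticated packets are ignored before any state change. */
static int receive_pkt(struct assoc *a, const struct pkt *p, int auth_first)
{
    if (auth_first && a->requires_auth && !p->authenticated)
        return 0;                      /* ignored, association state untouched */

    if (p->org != 0 && p->org != a->expected_org) {
        a->flags |= FLAG_XBOGUS;       /* protocol reset requested */
        return 0;
    }
    if (a->requires_auth && !p->authenticated)
        return 0;                      /* auth checked too late to protect state */

    if (a->flags & FLAG_XBOGUS) {      /* first packet after a reset is not used */
        a->flags &= ~FLAG_XBOGUS;
        return 0;
    }
    return 1;
}

/* Constructed input: one spoofed unauthenticated packet, then a genuine one.
 * Returns whether the genuine authenticated packet was used. */
static int genuine_used_after_spoof(int auth_first)
{
    struct assoc a = { .expected_org = 0x1111, .flags = 0, .requires_auth = 1 };
    struct pkt spoofed = { .org = 0x2222, .authenticated = 0 };
    struct pkt genuine = { .org = 0x1111, .authenticated = 1 };

    receive_pkt(&a, &spoofed, auth_first);
    return receive_pkt(&a, &genuine, auth_first);
}

int main(void)
{
    printf("origin check first: genuine used = %d\n", genuine_used_after_spoof(0));
    printf("auth check first:   genuine used = %d\n", genuine_used_after_spoof(1));
    return 0;
}
```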