[ntp:security] [Bug 3592] DoS attack on client ntpd

bugzilla-daemon at ntp.org
Fri May 31 05:31:27 UTC 2019


http://bugs.ntp.org/show_bug.cgi?id=3592

Harlan Stenn <stenn at ntp.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Priority|P5                          |P3
                 CC|                            |mlichvar at redhat.com
            Summary|test                        |DoS attack on client ntpd
           Severity|enhancement                 |major

--- Comment #1 from Harlan Stenn <stenn at ntp.org> 2019-05-31 05:31:27 UTC ---
Miroslav emailed security@ saying:

there is a security issue which enables an off-path attacker to
prevent ntpd from synchronizing with NTP servers not using
authentication. A server mode packet with spoofed source address sent
to the client ntpd causes the next transmission to be rescheduled,
even if the packet doesn't have a valid origin timestamp. If the
packet is sent to the client frequently enough, it will stop polling
the server and not be able to synchronize with it.

It seems this was introduced in 4.2.8p12 with the fix for the
bug #3445, which added a poll_update() call to process_packet().

-- 
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
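
The ordering problem the report describes, as an added example that is not ntpd source code and not part of the original message. It is a simplified model with hypothetical names, and it assumes that rescheduling sets the next request to now + poll interval; it compares rescheduling before the origin-timestamp check with checking first.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of an NTP client association (hypothetical names). */
struct assoc {
    uint64_t sent_org;    /* transmit timestamp of our last request */
    unsigned next_tx;     /* time (s) of the next scheduled request */
    unsigned poll;        /* poll interval in seconds */
    unsigned polls_sent;  /* requests actually transmitted */
};

/* Assumed behaviour: rescheduling pushes the next request to now + poll. */
static void reschedule(struct assoc *a, unsigned now) { a->next_tx = now + a->poll; }

/* Receive path. check_first=false reschedules before validating the origin
 * timestamp (the ordering the report describes); true validates first. */
static bool on_server_packet(struct assoc *a, unsigned now, uint64_t org, bool check_first)
{
    if (check_first && org != a->sent_org)
        return false;             /* drop without touching the timer */
    reschedule(a, now);
    return org == a->sent_org;    /* accept only a matching origin */
}

/* Simulate `duration` seconds with an unsolicited server-mode packet (bogus
 * origin) every `spoof_every` seconds; returns the number of requests sent. */
unsigned simulate(unsigned duration, unsigned poll, unsigned spoof_every, bool check_first)
{
    struct assoc a = { .sent_org = 0, .next_tx = poll, .poll = poll, .polls_sent = 0 };
    for (unsigned now = 1; now <= duration; now++) {
        if (spoof_every && now % spoof_every == 0)
            on_server_packet(&a, now, 0xBAD0BAD0ULL /* constructed bogus origin */, check_first);
        if (now >= a.next_tx) {
            a.sent_org = 0x1000ULL + now;   /* constructed per-request timestamp */
            a.polls_sent++;
            reschedule(&a, now);
        }
    }
    return a.polls_sent;
}

int main(void)
{
    printf("no spoofing:           %u polls\n", simulate(3600, 64, 0, false));
    printf("reschedule-then-check: %u polls\n", simulate(3600, 64, 32, false));
    printf("check-then-reschedule: %u polls\n", simulate(3600, 64, 32, true));
    return 0;
}
```

In this model the client sends no requests at all while invalid packets keep moving the timer, and the check-first ordering restores the normal poll count.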