NTP BUG 2942: Off-path Denial of Service (DoS) attack on authenticated broadcast mode

Last update: April 22, 2024 18:49 UTC (7e7bd5857)


Summary

Resolved 4.2.8p6 19 Jan 2016
References Bug 2942 CVE-2015-7979
Affects All ntp-4 releases up to, but not including 4.2.8p6,
and 4.3.0 up to, but not including 4.3.90.
Resolved in 4.2.8p6.
CVSS2 Score MED 5.8 AV:N/AC:M/Au:N/C:N/I:P/A:P

Description

An off-path attacker can send broadcast packets with bad authentication (wrong key, mismatched key, incorrect MAC, etc) to broadcast clients. It is observed that the broadcast client tears down the association with the broadcast server upon receiving just one bad packet.


Mitigation


Credit

This weakness was discovered by Aanchal Malhotra of Boston University.


Timeline