NTP BUG 2665: Weak default key in config_auth()

Last update: February 15, 2022 20:59 UTC (43fbd379b)


Summary

Resolved 4.2.7p11 28 Jan 2010
References Bug 2665 CVE-2014-9293
Affects All NTP4 releases before 4.2.7p11. Resolved in 4.2.7p11.
CVSS2 Score 7.3 AV:N/AC:L/Au:M/C:P/I:P/A:C

Description

If no auth key is set in the configuration file, ntpd would generate a random key on the fly. There were two problems with this: 1) the generated key was 31 bits in size, and 2) it used the (now weak) ntp_random() function, which was seeded with a 32 bit value and can only provide 32 bits of entropy. This was sufficient back in the late 1990s when this code was written. Not today.


Mitigation

Any of:


Credit

This vulnerability was discovered in ntp-4.2.6 by Neel Mehta of the Google Security Team.


Timeline