NTP BUG 2666: non-cryptographic random number generator with weak seed used by ntp-keygen to generate symmetric keys

Last update: February 15, 2022 20:59 UTC (43fbd379b)


Summary

Resolved: 4.2.7p230 01 Nov 2011
References: Bug 2666, CVE-2014-9294
Affects: All NTP4 releases before 4.2.7p230. Resolved in 4.2.7p230.
CVSS2 Score: 7.3 AV:N/AC:L/Au:M/C:P/I:P/A:C

Description

Prior to ntp-4.2.7p230, ntp-keygen used a weak seed to prepare a random number generator that was of good quality back in the late 1990s. The random numbers it produced were then used to generate symmetric keys. In ntp-4.2.8 we use a current-technology cryptographic random number generator, either RAND_bytes from OpenSSL or arc4random().
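The difference between the two approaches, as an added illustration in C that is not taken from the ntp-keygen source: a key drawn from a seeded non-cryptographic generator is a pure function of its seed, while a key drawn from a cryptographic source is not. The LCG, the function names and the sample seed are constructed for this example, and /dev/urandom stands in for RAND_bytes or arc4random().

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KEYLEN 16

/* Weak pattern: a non-cryptographic generator (constructed LCG stand-in)
 * seeded from one small value. However long the key is, it carries no
 * more entropy than the 32-bit seed. */
static void weak_key(uint32_t seed, unsigned char key[KEYLEN])
{
    uint32_t state = seed;
    for (size_t i = 0; i < KEYLEN; i++) {
        state = state * 1103515245u + 12345u;
        key[i] = (unsigned char)(state >> 16);
    }
}

/* Hardened pattern: key bytes come straight from the kernel CSPRNG.
 * Returns 0 on success, -1 on failure; never fall back to weak_key(). */
static int strong_key(unsigned char key[KEYLEN])
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL)
        return -1;
    size_t n = fread(key, 1, KEYLEN, f);
    fclose(f);
    return n == KEYLEN ? 0 : -1;
}

/* 1 if the same seed reproduces the same key (always, for weak_key). */
static int weak_is_reproducible(uint32_t seed)
{
    unsigned char a[KEYLEN], b[KEYLEN];
    weak_key(seed, a);
    weak_key(seed, b);
    return memcmp(a, b, KEYLEN) == 0;
}

/* 1 if two CSPRNG keys differ, 0 if equal, -1 if the source failed. */
static int strong_keys_differ(void)
{
    unsigned char a[KEYLEN], b[KEYLEN];
    if (strong_key(a) != 0 || strong_key(b) != 0)
        return -1;
    return memcmp(a, b, KEYLEN) != 0;
}
```

Keys issued by a generator of the first kind should be treated as guessable and regenerated with a fixed ntp-keygen.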


Mitigation

Any of:


Credit

This vulnerability was discovered in ntp-4.2.6 by Stephen Roettger of the Google Security Team.


Timeline