NTP BUG 2781: Authentication doesn't protect symmetric associations against DoS attacks

Last update: June 28, 2022 20:06 UTC (57417e17c)


Summary

Resolved 4.2.8p2 07 Apr 2015
References Bug 2781 CVE-2015-1799
Affects All NTP releases starting with at least xntp3.3wy up to but not including ntp-4.2.8p2
where the installation uses symmetric key authentication.
Resolved in 4.2.8p2.
CVSS2 Score could be 4.3 or lower, and it could be higher than 5.4 AV:A/AC:M/Au:N/C:P/I:P/A:P

Description

An attacker knowing that NTP hosts A and B are peering with each other (symmetric association) can send a packet to host A with source address of B which will set the NTP state variables on A to the values sent by the attacker. Host A will then send on its next poll to B a packet with originate timestamp that doesn’t match the transmit timestamp of B and the packet will be dropped. If the attacker does this periodically for both hosts, they won’t be able to synchronize to each other. This is a known denial-of-service attack, described in Analysis and Simulation of the NTP On-Wire Protocols.

According to the document the NTP authentication is supposed to protect symmetric associations against this attack, but that doesn’t seem to be the case. The state variables are updated even when authentication fails and the peers are sending packets with originate timestamps that don’t match the transmit timestamps on the receiving side.

This seems to be a very old problem, dating back to at least xntp3.3wy. It’s also in the NTPv3 (RFC 1305) and NTPv4 (RFC 5905)) specifications, so other NTP implementations with support for symmetric associations and authentication may be vulnerable too. An update to the NTP RFC to correct this error is in-process.


Mitigation


Credit

This issue was discovered by Miroslav Lichvar, of Red Hat.


Timeline