NTP: Denial of Service

Content:

1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference: GLSA 201001-01 / ntp
Release Date: January 03, 2010
Latest Revision: January 03, 2010: 01
Impact: normal
Exploitable: remote

Package: net-misc/ntp
Vulnerable versions: < 4.2.4_p7-r1
Unaffected versions: >= 4.2.4_p7-r1
Architecture(s): All supported architectures

Related bugreports: #290881

Synopsis

A Denial of Service condition in ntpd can cause excessive CPU or bandwidth consumption.

2.  Impact Information

Background

NTP is a set of programs that implement the Network Time Protocol.

Description

Robin Park and Dmitri Vinokurov discovered that ntp_request.c in ntpd does not handle MODE_PRIVATE packets correctly, causing a continuous exchange of MODE_PRIVATE error responses between two NTP daemons or causing high CPU load on a single host.

Impact

A remote, unauthenticated attacker could send a specially crafted MODE_PRIVATE packet, allowing for a Denial of Service condition (CPU and bandwidth consumption).
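The following detection sketch is an added example, not part of the advisory or of ntpd: it parses the MODE_PRIVATE (mode 7) header and flags host pairs that keep sending each other error responses, the traffic pattern the Description names. The function names, the threshold, the port-123-to-port-123 heuristic and the sample packets are assumptions made for illustration.

```python
from collections import Counter

NTP_PORT = 123
MODE_PRIVATE = 7   # value of the 3-bit mode field in byte 0
RESP_BIT = 0x80    # top bit of byte 0: set on responses, clear on requests

def parse_mode7(payload):
    """Return (is_response, err_code) for a MODE_PRIVATE payload, else None."""
    if len(payload) < 8 or payload[0] & 0x07 != MODE_PRIVATE:
        return None
    # The error code is the high nibble of the 16-bit err/nitems field (byte 4).
    return bool(payload[0] & RESP_BIT), payload[4] >> 4

def find_response_loops(packets, threshold=3):
    """packets: iterable of (src_ip, sport, dst_ip, dport, udp_payload).
    Heuristic (assumption): a loop shows up as mode 7 error responses sent
    from port 123 to port 123 in both directions, with no request involved."""
    counts = Counter()
    for src, sport, dst, dport, payload in packets:
        parsed = parse_mode7(payload)
        if parsed is None or sport != NTP_PORT or dport != NTP_PORT:
            continue
        is_response, err = parsed
        if is_response and err != 0:
            counts[(src, dst)] += 1
    loops = []
    for (a, b), n in counts.items():
        back = counts[(b, a)]  # Counter returns 0 for pairs never seen
        if a == b and n >= threshold:
            loops.append((a, b, n))          # single host answering itself
        elif a < b and n >= threshold and back >= threshold:
            loops.append((a, b, n + back))   # two daemons answering each other
    return sorted(loops)

# Constructed sample payloads (documentation addresses, not real traffic).
ERR_RESP = bytes([0x97, 0, 3, 0, 0x10, 0, 0, 0])  # response bit, v2, mode 7, err=1
REQUEST = bytes([0x17, 0, 3, 0, 0x00, 0, 0, 0])   # ordinary mode 7 request
CLIENT = bytes([0x23]) + bytes(47)                # normal v4 client (mode 3) query
SAMPLE = [
    ("192.0.2.10", 123, "192.0.2.20", 123, ERR_RESP),
    ("192.0.2.20", 123, "192.0.2.10", 123, ERR_RESP),
] * 4 + [
    ("192.0.2.30", 40000, "192.0.2.10", 123, REQUEST),
    ("192.0.2.30", 123, "192.0.2.10", 123, CLIENT),
]

if __name__ == "__main__":
    for a, b, total in find_response_loops(SAMPLE):
        print(f"mode 7 error-response loop: {a} <-> {b} ({total} packets)")
```

In practice the tuples would come from a packet capture or flow export filtered to UDP port 123.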

3.  Resolution Information

Workaround

There is no known workaround at this time.

Resolution

All NTP users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/ntp-4.2.4_p7-r1"

4.  References



Page updated January 03, 2010

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.