'Malicious time source' can poison Network Time Protocol

Think of this as an evil TARDIS dropping servers into a time rift

Scan Doctor Who Tardis PC case

Get busy, sysadmins, there's a bunch of network time protocol (NTP) bugs to squash.

The bugs were turned up in a code audit by Cisco's Talos business (which can surely feel the coals of hell being heaped upon its head for working in a Back to the Future joke in the bug-branding).

Talos has been working on the code base of the venerable time-synch daemon, the "speaking clock" of the Internet, as Cisco's contribution to the Internet Foundation's Core Infrastructure Initiative.

The BttF reference is in the lead vulnerability, NAK to the Future: NTP symmetric association authentication bypass vulnerability.

An error in NTP's crypto-NAK packet handling means an attacker can force someone's ntpd process to peer with a "malicious time source" and fool around with their system clocks.

The company also turned up:

The NTP Project says users should immediately install ntp-4.2.8p4 to get the fix, and implement BCP 38 ingress and egress filtering. ®


Biting the hand that feeds IT © 1998–2017