NTP Bug 2941

NAK to the Future: Symmetric association authentication bypass via crypto-NAK

  • Date Resolved: Stable (4.2.8p4) 21 Oct 2015
  • References: Sec 2941 / CVE-2015-7871
  • Affects: All ntp-4 releases between 4.2.5p186 up to but not including 4.2.8p4, and 4.3.0 up to but not including 4.3.77
  • CVSS: (AV:N/AC:L/Au:N/C:N/I:P/A:P) Base Score: 6.4
  • Summary: Crypto-NAK packets can be used to cause ntpd to accept time from unauthenticated ephemeral symmetric peers by bypassing the authentication required to mobilize peer associations. This vulnerability appears to have been introduced in ntp-4.2.5p186 when the code handling mobilization of new passive symmetric associations (lines 1103-1165) was refactored.
  • Mitigation:
  • Credit: This weakness was discovered by Matthew Van Gundy <> of Cisco ASIG.

This topic: Main > SecurityNotice > NtpBug2941
Topic revision: r1 - 2015-10-23 - 09:27:55 - HarlanStenn
SSL security by CAcert
Get the CAcert Root Certificate
This site is powered by the TWiki collaboration platform
IPv6 Ready
Copyright & 1999-2021 by the contributing authors. All material on this collaboration platform is the property of the contributing authors. Ideas, requests, problems regarding the site? Send feedback