[security at ntpsec.org] Bug#964395: Does CVE-2020-13817 affect ntpsec?
Richard Laager
rlaager at wiktel.com
Fri Aug 14 08:52:58 UTC 2020
On 8/13/20 5:48 AM, Hal Murray via devel wrote:
>>> https://bugs.ntp.org/show_bug.cgi?id=3596
>
> That bug talks about feeding bogus time to a system by guessing the transmit
> time stamp.
>
> When ntpd gets a response, it drops responses where the time-stamp it sent
> doesn't match the corresponding slot in the reply. The idea is that most of
> the bits in that slot are predictable so an off path attacker has a good
> chance of getting a bogus response through by guessing the value the server is
> expecting.
>
> There is a draft in the pipeline:
> https://tools.ietf.org/html/draft-ietf-ntp-data-minimization-04
> We implement that.
There is also this (which you forwarded to this list) which might help:
https://datatracker.ietf.org/doc/draft-ietf-ntp-port-randomization/
What's the status of that in NTPsec? I presume "not implemented", but is
it planned?
--
Richard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20200814/4ce5f8cc/attachment.bin>
More information about the devel
mailing list