Bug 1199430 (CVE-2015-1798) - CVE-2015-1798 ntp: ntpd accepts unauthenticated packets with symmetric key crypto
Summary: CVE-2015-1798 ntp: ntpd accepts unauthenticated packets with symmetric key cr...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2015-1798
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: Unspecified
OS: Unspecified
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard: impact=low,public=20150407,reported=2...
Depends On: 1209578 1215935 1221564 1221565
Blocks: 1193283 1200382 1210268
TreeView+ depends on / blocked
 
Reported: 2015-03-06 09:30 UTC by Miroslav Lichvar
Modified: 2019-07-11 08:44 UTC (History)
14 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
It was found that ntpd did not check whether a Message Authentication Code (MAC) was present in a received packet when ntpd was configured to use symmetric cryptographic keys. A man-in-the-middle attacker could use this flaw to send crafted packets that would be accepted by a client or a peer without the attacker knowing the symmetric key.
Clone Of:
Environment:
Last Closed: 2015-11-20 05:34:11 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2015:1459 normal SHIPPED_LIVE Moderate: ntp security, bug fix, and enhancement update 2015-07-21 14:15:04 UTC
Red Hat Product Errata RHSA-2015:2231 normal SHIPPED_LIVE Moderate: ntp security, bug fix, and enhancement update 2015-11-19 09:03:04 UTC

Description Miroslav Lichvar 2015-03-06 09:30:30 UTC
When ntpd is configured to use a symmetric key with an NTP server/peer, it checks if the NTP message authentication code (MAC) in received packets is valid, but not if there actually is any MAC included. Packets without MAC are accepted as if they had a valid MAC. This allows a MITM attacker to send false packets that are accepted by the client/peer without having to know the symmetric key.

It seems this bug was introduced in 4.2.5p99 and is in all later stable versions up to 4.2.8p1. Authentication using autokey doesn't have this problem as there is a check that requires the key ID to be larger than NTP_MAXKEY, which fails for packets without MAC.

Comment 3 Martin Prpič 2015-03-10 12:47:31 UTC
Acknowledgements:

This issue was discovered by Miroslav Lichvár of Red Hat.

Comment 7 Kurt Seifried 2015-04-07 16:56:44 UTC
Created ntp tracking bugs for this issue:

Affects: fedora-all [bug 1209578]

Comment 8 Kurt Seifried 2015-04-08 16:00:49 UTC
This issue was fixed upstream:

http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

The updated version is available at:

http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-4.2.8p2.tar.gz

Comment 14 Fedora Update System 2015-04-22 22:55:44 UTC
ntp-4.2.6p5-22.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 15 Fedora Update System 2015-04-22 22:56:00 UTC
ntp-4.2.6p5-30.fc22 has been pushed to the Fedora 22 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 18 Fedora Update System 2015-04-28 13:00:58 UTC
ntp-4.2.6p5-30.fc21 has been pushed to the Fedora 21 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 21 errata-xmlrpc 2015-07-22 07:00:45 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2015:1459 https://rhn.redhat.com/errata/RHSA-2015-1459.html

Comment 23 errata-xmlrpc 2015-11-19 08:38:42 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2015:2231 https://rhn.redhat.com/errata/RHSA-2015-2231.html

Comment 24 Huzaifa S. Sidhpurwala 2015-11-20 05:34:11 UTC
Statement:

This issue did not affect the version of ntp as shipped with Red Hat Enterprise Linux 5


Note You need to log in before you can comment on or make changes to this bug.