Bug 61566 - dateconfig provides unsecure configuration for ntpd
dateconfig provides unsecure configuration for ntpd
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: ntp (Show other bugs)
7.2
All Linux
medium Severity medium
: ---
: ---
Assigned To: Brent Fox
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2002-03-21 11:30 EST by Benjamin Shrom
Modified: 2008-05-01 11:38 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2002-03-25 11:36:49 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Benjamin Shrom 2002-03-21 11:30:04 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0; T312461)

Description of problem:
dateconfig provides unsecure configuration for ntpd, which allows 
use of ntpdc from any other host to reconfigure ntpd

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1.Preconditions: installed NTP and Dataconfig packages.
2.Use dateconfig to configure ntp (enter time server information)
3.Start ntpd
4.Connect to ntpd from "malicious" host to your host.
(>ntpdc your.host.com)
5.Add peer/server (ntpdc>addserver malicious.server.com)
6.For key enter any number (for ex: 1)
7.For password enter any password (for ex: dkdk)
8.Review ntpd configuration (ntpdc>peers)
9.Unconfigure correct timeserver: (ntpdc>unconfig time.server.com)
10.Review ntpd configuration (ntpdc>peers)
	

Actual Results:  Time will be synchronized to the malicious time server.

Expected Results:  User should not be able to change configuration ntpd from 
other hosts,unless allowed to.

Additional info:
Comment 1 Brent Fox 2002-03-21 12:29:20 EST
Well, dateconfig just modifies the ntp.conf file and then calls 'service ntpd
start'.  The behavior you are describing is caused by ntpdc (which is part of
the NTP RPM), not dateconfig.  Changing component of the bug report to 'ntp'.
Comment 2 Harald Hoyer 2002-03-25 05:33:58 EST
As reported:   
   
_dateconfig_ provides _unsecure_ configuration for ntpd, which allows the use of
ntpdc from any other host to reconfigure ntpd.   
   
This means: you can modify the timeserver remotly!!!!
Comment 3 Harald Hoyer 2002-03-25 11:36:43 EST
I think 
authenticate yes 
would be the best answer 
Comment 4 Brent Fox 2002-03-27 16:04:37 EST
Ok, I've modified dateconfig to only change the 'server' line in your ntp.conf
file.  The dateconfig in Rawhide (
ftp://ftp.redhat.com/pub/redhat/linux/rawhide/i386/RedHat/RPMS/dateconfig-0.7.5-2.i386.rpm)
does the right thing.

If you have already set up an insecure configuration of ntp (or if the default
ntp configuration is insecure) then dateconfig will not change that value. 
Dateconfig will only change the name of the server in the file.
Comment 5 Brent Fox 2002-03-28 11:04:24 EST
Correction: 
ftp://ftp.redhat.com/pub/redhat/linux/rawhide/i386/RedHat/RPMS/dateconfig-0.7.5-3.i386.rpm

Not dateconfig-0.7.5-2.i386.rpm.

Typo on my part.
Comment 6 Brent Fox 2002-03-28 11:06:29 EST
dateconfig-0.7.5-3 is available for IA-64 as well at:

ftp://ftp.redhat.com/pub/redhat/linux/rawhide/ia64/RedHat/RPMS/

Note You need to log in before you can comment on or make changes to this bug.