When ntpd is configured to use a symmetric key with an NTP server/peer, it checks if the NTP message authentication code (MAC) in received packets is valid, but not if there actually is any MAC included. Packets without MAC are accepted as if they had a valid MAC. This allows a MITM attacker to send false packets that are accepted by the client/peer without having to know the symmetric key. It seems this bug was introduced in 4.2.5p99 and is in all later stable versions up to 4.2.8p1. Authentication using autokey doesn't have this problem as there is a check that requires the key ID to be larger than NTP_MAXKEY, which fails for packets without MAC.
Acknowledgements: This issue was discovered by Miroslav Lichvár of Red Hat.
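The flaw described above, as a simplified model added here for illustration (not ntpd's code): the receive path classifies a packet as having no MAC, a valid MAC, or an invalid MAC, and the flawed policy rejects only the last case. All names are hypothetical, the 8-byte MAC layout is an assumption of the model, and the keyed tag is a toy FNV-1a stand-in for the real digest.

```c
#include <stdint.h>
#include <string.h>

#define HDR_LEN 48   /* NTP header without extension fields */
#define MAC_LEN 8    /* model only: 4-byte key ID + 4-byte toy tag */
enum auth { AUTH_NONE, AUTH_OK, AUTH_ERROR };   /* hypothetical names */

/* Toy keyed tag (FNV-1a seeded with the key). Stand-in for the real digest. */
static uint32_t toy_tag(uint32_t key, const uint8_t *hdr) {
    uint32_t h = 2166136261u ^ key;
    for (size_t i = 0; i < HDR_LEN; i++) { h ^= hdr[i]; h *= 16777619u; }
    return h;
}

/* Classify a packet: no MAC present, MAC valid, or MAC invalid. */
static enum auth classify(const uint8_t *pkt, size_t len, uint32_t keyid, uint32_t key) {
    uint32_t id, tag;
    if (len == HDR_LEN) return AUTH_NONE;
    if (len != HDR_LEN + MAC_LEN) return AUTH_ERROR;
    memcpy(&id, pkt + HDR_LEN, 4);
    memcpy(&tag, pkt + HDR_LEN + 4, 4);
    return (id == keyid && tag == toy_tag(key, pkt)) ? AUTH_OK : AUTH_ERROR;
}

/* Flawed policy: only an invalid MAC is rejected, so AUTH_NONE is accepted. */
static int accept_flawed(int peer_has_key, enum auth a) {
    (void)peer_has_key; return a != AUTH_ERROR;
}

/* Corrected policy: an association with a key requires a present, valid MAC. */
static int accept_fixed(int peer_has_key, enum auth a) {
    return peer_has_key ? a == AUTH_OK : a != AUTH_ERROR;
}

/* Build a constructed sample packet; with_mac selects whether a MAC is appended. */
static size_t make_packet(uint8_t *buf, int with_mac, uint32_t keyid, uint32_t key) {
    memset(buf, 0, HDR_LEN + MAC_LEN);
    buf[0] = 0x24;   /* LI=0, VN=4, Mode=4 (server) */
    if (!with_mac) return HDR_LEN;
    uint32_t tag = toy_tag(key, buf);
    memcpy(buf + HDR_LEN, &keyid, 4);
    memcpy(buf + HDR_LEN + 4, &tag, 4);
    return HDR_LEN + MAC_LEN;
}

int main(void) {   /* exit status 0: flawed policy accepts, fixed policy rejects */
    uint8_t p[HDR_LEN + MAC_LEN];
    enum auth a = classify(p, make_packet(p, 0, 1, 0xC0FFEEu), 1, 0xC0FFEEu);
    return !(accept_flawed(1, a) && !accept_fixed(1, a));
}
```

A regression test for a fix of this kind should cover all three classifications for a keyed association, not only the invalid-MAC case.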
Created ntp tracking bugs for this issue:
Affects: fedora-all [bug 1209578]
This issue was fixed upstream: http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
The updated version is available at: http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-4.2.8p2.tar.gz
ntp-4.2.6p5-22.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
ntp-4.2.6p5-30.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
ntp-4.2.6p5-30.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2015:1459 https://rhn.redhat.com/errata/RHSA-2015-1459.html
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2015:2231 https://rhn.redhat.com/errata/RHSA-2015-2231.html
Statement: This issue did not affect the version of ntp as shipped with Red Hat Enterprise Linux 5.