List: ntp-bugs
Subject: [ntp:bugs] [Bug 2542] New: mrulist nonce could be stronger
From: bugzilla-daemon () ntp ! org
Date: 2014-01-21 20:23:38
Message-ID: bug-2542-35 () http ! bugs ! ntp ! org/
http://bugs.ntp.org/show_bug.cgi?id=2542
Bug #: 2542
Summary: mrulist nonce could be stronger
Product: ntp
Version: 4.2.7
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P3
Component: ntpd
AssignedTo: stenn@ntp.org
ReportedBy: stenn@ntp.org
CC: bugs@ntp.org, mlichvar@redhat.com
Group: Security
Classification: Unclassified
Harlan Stenn <stenn@ntp.org> changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
           Flags   |                            |blocking4.2.8+
Miroslav notes:
The nonce implemented in the mrulist command seems to be too weak. It
uses salt consisting of a 32-bit random part and a 32-bit part set to
the sum of characters from ntp.conf, which is quite predictable. The
nonce doesn't change after first initialization. I think an attacker
can request a nonce and use brute-force search to find the salt and
then calculate the nonce for any IP address he wants.
I'd suggest extending the random part and updating it periodically.
--
Configure bugmail: http://bugs.ntp.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
_______________________________________________
bugs mailing list
bugs@lists.ntp.org
http://lists.ntp.org/listinfo/bugs
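
The suggestion in the report (a larger random part, refreshed periodically), sketched as an added example that is not ntpd's code and not part of the original message. The class name, the HMAC-SHA256 construction, the nonce layout and the rotation and expiry intervals are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import struct
import time

class NonceIssuer:
    """Address-bound nonces keyed by a 256-bit secret that rotates periodically."""

    def __init__(self, rotate_after=3600, max_age=16, clock=time.time):
        self.rotate_after = rotate_after  # seconds a secret stays current (assumed)
        self.max_age = max_age            # seconds a nonce stays valid (assumed)
        self.clock = clock
        self.current = secrets.token_bytes(32)  # all CSPRNG, no config-derived part
        self.previous = None
        self.born = clock()

    def _rotate_if_due(self):
        now = self.clock()
        if now - self.born >= self.rotate_after:
            self.previous, self.current = self.current, secrets.token_bytes(32)
            self.born = now

    @staticmethod
    def _tag(secret, addr, ts):
        # Bind the tag to both the issue time and the requesting address.
        msg = struct.pack("!I", ts) + addr.encode()
        return hmac.new(secret, msg, hashlib.sha256).hexdigest()[:32]

    def issue(self, addr):
        self._rotate_if_due()
        ts = int(self.clock())
        return f"{ts:08x}{self._tag(self.current, addr, ts)}"

    def verify(self, addr, nonce):
        self._rotate_if_due()
        if len(nonce) != 40 or not nonce.isascii():
            return False
        try:
            ts = int(nonce[:8], 16)
        except ValueError:
            return False
        if not 0 <= self.clock() - ts <= self.max_age:
            return False
        # Accept the previous secret too, so rotation does not reject fresh nonces.
        for secret in (self.current, self.previous):
            if secret and hmac.compare_digest(self._tag(secret, addr, ts), nonce[8:]):
                return True
        return False
```

Because the key is 256 bits of CSPRNG output and is replaced on a timer, one observed nonce gives no practical basis for recovering the key or computing a valid nonce for another address.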