Red Hat security chap Miroslav Lichvar has revealed two vulnerabilities in the Network Time Protocol (NTP) that allow attackers to get clients to accept unauthenticated packets.
Lichvar reported the two since-patched holes: one (CVE-2015-1798) in which packets are accepted regardless of whether a message authentication code is included, and a denial of service condition (CVE-2015-1799).
The latter flaw affects NTP installations that use symmetric key authentication (xntp3.3wy to ntp-4.2.8p1) in which a denial of service condition is created when two peering hosts receive packets that contain mismatched originate and transmit timestamps.
"An attacker who periodically sends such packets to both hosts can prevent synchronisation," the Carnegie Mellon University Computer Emergency Response Team says.
"An unauthenticated attacker with network access may be able to inject packets or prevent peer synchronisation among symmetrically authenticated hosts."
Punters should update to version ntp-4.2.8p2.
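The first flaw (CVE-2015-1798) comes down to treating "no MAC" the same as "valid MAC". The sketch below is an added example, not ntpd's code: a simplified model with hypothetical function names, an assumed SHA-1 keyed digest and a constructed key and packets, comparing a check that only rejects invalid MACs with one that requires a valid MAC on a keyed association.

```python
import hashlib
import hmac
import struct

HEADER_LEN = 48   # fixed NTP header length (RFC 5905)
KEYID_LEN = 4     # key identifier that precedes the digest
DIGEST_LEN = 20   # SHA-1 digest length (assumed key type for this sketch)
AUTH_NONE, AUTH_OK, AUTH_ERROR = "none", "ok", "error"

def mac_for(key: bytes, header: bytes) -> bytes:
    """Keyed digest over the shared key followed by the NTP header."""
    return hashlib.sha1(key + header).digest()

def classify(packet: bytes, keys: dict) -> str:
    """Return the authentication state of a received packet."""
    if len(packet) == HEADER_LEN:
        return AUTH_NONE                      # no MAC present at all
    if len(packet) != HEADER_LEN + KEYID_LEN + DIGEST_LEN:
        return AUTH_ERROR                     # malformed trailer
    header, trailer = packet[:HEADER_LEN], packet[HEADER_LEN:]
    (key_id,) = struct.unpack("!I", trailer[:KEYID_LEN])
    key = keys.get(key_id)
    if key is None:
        return AUTH_ERROR                     # unknown key id
    valid = hmac.compare_digest(mac_for(key, header), trailer[KEYID_LEN:])
    return AUTH_OK if valid else AUTH_ERROR

def accept_flawed(state: str, peer_uses_key: bool) -> bool:
    """Model of the flaw: only an invalid MAC is rejected."""
    return state != AUTH_ERROR

def accept_fixed(state: str, peer_uses_key: bool) -> bool:
    """A keyed association requires a MAC that is present and valid."""
    return state == AUTH_OK if peer_uses_key else state != AUTH_ERROR

# Constructed sample data, not captured traffic.
KEYS = {1: b"constructed-demo-key"}
HEADER = bytes([0x24]) + bytes(HEADER_LEN - 1)   # LI=0, VN=4, mode=4
SAMPLES = {
    "valid_mac": HEADER + struct.pack("!I", 1) + mac_for(KEYS[1], HEADER),
    "bad_mac": HEADER + struct.pack("!I", 1) + bytes(DIGEST_LEN),
    "no_mac": HEADER,
}

def results(policy) -> dict:
    """Apply an acceptance policy to every sample for a keyed peer."""
    return {n: policy(classify(p, KEYS), True) for n, p in SAMPLES.items()}

if __name__ == "__main__":
    print("flawed:", results(accept_flawed))
    print("fixed: ", results(accept_fixed))
```

The same three cases (valid MAC, invalid MAC, no MAC) make a useful regression test for any code that authenticates NTP packets.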
NTP synchronises computer clocks across the web and is a favourite for denial of service attackers who use the protocol to amplify traffic.
NTP reflection denial of service attacks were used to devastating effect last year against gaming servers, resulting in efforts to get admins to patch against the exploited vulnerabilities. ®
from http://go.theregister.com/feed/www.theregister.co.uk/2015/04/09/ntp_vulns/