Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Two NTP key authentication vulnerabilities patched

Two NTP key authentication vulnerabilities patched

2015/04/08

Threatpost - (International) Network Time Protocol (NTP) patched two vulnerabilities that allowed attackers to leverage symmetric key authentication flaws to bypass message authentication code (MAC) to send packets to clients. The second vulnerability utilized symmetric key authentication to create denial-of-service (DoS) conditions when peering hosts receive packets with mismatched timestamps.

Source: https://threatpost.com/two-ntp-key-authentication-vulnerabilities-patched/112067

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:24:00