In association with heise online

10 December 2009, 14:10

NTP update solves denial-of-service problem

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Version 4.2.4p8 of NTP, an open source implementation of the Network Time Protocol, fixes a denial-of-service (DoS) flaw that occurs when processing certain request types and can cause high network and CPU loads on a vulnerable server. The problem is based on a ping-pong effect which involves two servers exchanging an endless string of error messages.

The "ping-pong " effect is caused by a flawed mode-7 request that quotes another NTP server as its sender and could, for instance, be sent to an NTP server by an attacker. If the address of the sender is the same as that of the recipient, an NTP server can also loop indefinitely on its own.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit