Hackers could have manipulated the NTP Protocol flaws to damage encryption, jam bitcoin trades

Eight security vulnerabilities have been discovered by Cisco researchers in the Network Time Protocol (NTP) used by Linux, Mac, and BSD OS distributions.  Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. In operation since before 1985, NTP is one of the oldest Internet protocols in current use. NTP was originally designed by David L. Mills of the University of Delaware, who still oversees its development.

One of the 8 security vulnerabilities discovered by Cisco’s engineers allows attackers to manipulate a target’s clock, making the victim believe they traveled to the future. Cisco engineers have stated that the vulnerabilities affect the Network Time Protocol daemon (ntpd), responsible for synchronizing time across computer networks (like the Internet, Intranets or smaller LANs).

The reported vulnerabilities include an error handling logic error that bypassed proper authentication, procedures letting attackers change local system time; multiple memory corruption issues that open the protocol for buffer overflow or use-after-free attacks; multiple vulnerabilities that caused DoS (Denial of Service) states by crashing the daemon or making it enter an infinite loop; and a directory traversal and file overwrite issue that allowed attackers to overwrite ntpd configs.

All versions between NTP 4.2.5p186 and 4.2.8p3 are vulnerable, but the good news is that NTP developers issued a new version yesterday that fixes the reported problems.