NTP Authentication Bypass Threat: Critical Flaws Impact Network Security

Network admins take note: A set of vulnerabilities can bypass HTPPS with ease and result in spying, outages and authentication bypass.

Discovered on Wednesday by Cisco's security intelligence and research group Talos, the critical bugs are found within the Network Time Protocol (NTP), designed to synchronize the clocks of computers over a network. Developed before 1985, the protocol is one of the oldest still in use.

In a blog post documenting the find, Talos said a logic error within the Network Time Protocol daemon (NTPD), the operating system behind the protocol, could allow attackers to bypass authentication procedures and effectively grant them the keys to a network kingdom.