How to Buy
This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.
The remote NTP server is affected by a privilege escalation
According to its version number, the NTP (Network Time Protocol)
server running on the remote host is affected by a flaw that causes it
to run with the permissions of a privileged user if a group name
rather than a group ID is specified on the command line. A local
attacker, who has managed to compromise the application through some
other means, can exploit this issue to gain elevated privileges.
See also :
Upgrade to NTP version 4.2.1 or later. Alternatively, start ntpd with
a group number.
Risk factor :
Medium / CVSS Base Score : 4.6
CVSS Temporal Score : 4.0
Public Exploit Available : true
Nessus Plugin ID: 19517 ()
Bugtraq ID: 14673
CVE ID: CVE-2005-2496
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.