This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
The remote NTP server is affected by a remote code execution
The version of the remote NTP server is 4.x prior to 4.2.4p7 or 4.x
prior to 4.2.5p74. It is, therefore, affected by a stack-based buffer
overflow condition due to the use of sprintf() in the crypto_recv()
function in ntpd/ntp_crypto.c. An unauthenticated, remote attacker can
exploit this to cause a denial of service condition or the execution
of arbitrary code.
Note that this issue is exploitable only if ntpd was compiled with
OpenSSL support and autokey authentication is enabled. The presence of
the following line in ntp.conf indicates a vulnerable system :
crypto pw *password*
Nessus did not check if the system is configured in this manner.
See also :
Upgrade to NTP version 4.2.4p7 / 4.2.5p74 or later.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.0
Public Exploit Available : false