This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote AIX host has a version of NTP installed that is affected
by multiple vulnerabilities.
The version of NTP installed on the remote AIX host is affected by
the following vulnerabilities :
- A time serving flaw exists in the trusted key system
due to improper key checks. An authenticated, remote
attacker can exploit this to perform impersonation
attacks between authenticated peers. (CVE-2015-7974)
- An information disclosure vulnerability exists in the
message authentication functionality in libntp that is
triggered during the handling of a series of specially
crafted messages. An adjacent attacker can exploit this
to partially recover the message digest key.
- A flaw exists due to improper filtering of IPv4 'bogon'
packets received from a network. An unauthenticated,
remote attacker can exploit this to spoof packets to
appear to come from a specific reference clock.
- A denial of service vulnerability exists that allows an
authenticated, remote attacker to manipulate the value
of the trustedkey, controlkey, or requestkey via a
crafted packet, preventing authentication with ntpd
until the daemon has been restarted. (CVE-2016-2517)
- An out-of-bounds read error exists in the MATCH_ASSOC()
function that occurs during the creation of peer
associations with hmode greater than 7. An
authenticated, remote attacker can exploit this, via a
specially crafted packet, to cause a denial of service.
- An overflow condition exists in the ctl_getitem()
function in ntpd due to improper validation of
user-supplied input when reporting return values. An
authenticated, remote attacker can exploit this to cause
ntpd to abort. (CVE-2016-2519)
See also :
A fix is available and can be downloaded from the IBM AIX website.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 3.7
Public Exploit Available : false
Family: AIX Local Security Checks
Nessus Plugin ID: 102128 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now