FreeBSD : ntp -- control message remote Denial of Service vulnerability (0d0f3050-1f69-11e5-9ba9-d050996490d0)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

ntp.org reports :

Under limited and specific circumstances an attacker can send a
crafted packet to cause a vulnerable ntpd instance to crash. This
requires each of the following to be true :

- ntpd set up to allow for remote configuration (not allowed by
default), and

- knowledge of the configuration password, and

- access to a computer entrusted to perform remote configuration.

See also :

http://bugs.ntp.org/show_bug.cgi?id=2853
https://www.kb.cert.org/vuls/id/668167
http://www.nessus.org/u?e1d497be
http://www.nessus.org/u?6e63ba37

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 84482 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now