This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.
The remote AIX host is missing a security patch.
The remote AIX host has a version of Network Time Protocol (NTP)
installed that is affected by a denial of service vulnerability due to
a flaw in the symmetric-key feature in the receive() function in file
ntp_proto.c when receiving certain invalid packets, which causes
state-variable updates to be performed. A man-in-the-middle attacker
can exploit this, by spoofing the source IP of a peer, to cause a
See also :
Install the appropriate interim fix according to the vendor advisory.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true