This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
The remote AIX host has a version of NTP installed that is affected
by multiple vulnerabilities.
The version of NTP installed on the remote AIX host is affected by
the following vulnerabilities :
- A flaw exists in the receive() function due to the use
of authenticated broadcast mode. A man-in-the-middle
attacker can exploit this to conduct a replay attack.
- A NULL pointer dereference flaw exists in ntp_request.c
that is triggered when handling ntpdc relist commands.
A remote attacker can exploit this, via a specially
crafted request, to crash the service, resulting in a
denial of service condition. (CVE-2015-7977)
- An unspecified flaw exists in authenticated broadcast
mode. A remote attacker can exploit this, via specially
crafted packets, to cause a denial of service condition.
- A flaw exists in ntpq and ntpdc that allows a remote
attacker to disclose sensitive information in
- A flaw exists in the ntpq protocol that is triggered
during the handling of an improper sequence of numbers.
A man-in-the-middle attacker can exploit this to conduct
a replay attack. (CVE-2015-8140)
- A flaw exists in the ntpq client that is triggered when
handling packets that cause a loop in the getresponse()
function. A remote attacker can exploit this to cause an
infinite loop, resulting in a denial of service
See also :
A fix is available and can be downloaded from the IBM AIX website.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.8
Public Exploit Available : false
Family: AIX Local Security Checks
Nessus Plugin ID: 92357 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now