Scientific Linux Security Update : ntp on SL6.x i386/x86_64
Medium Nessus Plugin ID 104206
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSecurity Fix(es) :
- Two vulnerabilities were discovered in the NTP server's parsing of configuration directives. A remote, authenticated attacker could cause ntpd to crash by sending a crafted message. (CVE-2017-6463, CVE-2017-6464)
- A vulnerability was found in NTP, in the parsing of packets from the /dev/datum device. A malicious device could send crafted messages, causing ntpd to crash.
SolutionUpdate the affected packages.