SuSE 10 Security Update : xntp (ZYPP Patch Number 5489)

High Nessus Plugin ID 34234


The remote SuSE 10 host is missing a security-related patch.


The ntp daemon did not use supplied keys.

The cause of the problem is that the authentication system is initialized after the config is parsed and that the keyfile option is parsed only by storing the keyfile name for later use when the authentication system is initialized. The trustedkey option is handled by attempting to complete the trusting of the specified keys (which are not yet loaded). So, all the trusting fails because it has nothing to act on.

This problem is fixed with this patch.


Apply ZYPP patch number 5489.

Plugin Details

Severity: High

ID: 34234

File Name: suse_xntp-5489.nasl

Version: $Revision: 1.13 $

Type: local

Agent: unix

Published: 2008/09/17

Modified: 2012/05/17

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: cpe:/o:suse:suse_linux

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 2008/07/31