Mandriva Linux Security Advisory : ntp (MDVSA-2009:007)
Medium Nessus Plugin ID 36723
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA flaw was found in how NTP checked the return value of signature verification. A remote attacker could use this to bypass certificate validation by using a malformed SSL/TLS signature (CVE-2009-0021).
The updated packages have been patched to prevent this issue.
SolutionUpdate the affected ntp, ntp-client and / or ntp-doc packages.