SynopsisThe remote AIX host is missing a security patch.
DescriptionCVE-2014-9293 If no authentication key is defined in the ntp.conf file, a cryptographically-weak default key is generated.
CVE-2014-9294 ntp-keygen before 4.2.7p230 uses a non-cryptographic random number generator with a weak seed to generate symmetric keys.
CVE-2014-9295 A remote unauthenticated attacker may craft special packets that trigger buffer overflow.
SolutionInstall the appropriate interim fix.