FreeBSD : ntp -- control message remote Denial of Service vulnerability (0d0f3050-1f69-11e5-9ba9-d050996490d0)

High Nessus Plugin ID 84482


The remote FreeBSD host is missing one or more security-related updates.

Description reports :

Under limited and specific circumstances an attacker can send a crafted packet to cause a vulnerable ntpd instance to crash. This requires each of the following to be true :

- ntpd set up to allow for remote configuration (not allowed by default), and

- knowledge of the configuration password, and

- access to a computer entrusted to perform remote configuration.


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 84482

File Name: freebsd_pkg_0d0f30501f6911e59ba9d050996490d0.nasl

Version: $Revision: 2.2 $

Type: local

Published: 2015/07/01

Modified: 2017/07/06

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:ntp, p-cpe:/a:freebsd:freebsd:ntp-devel, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2015/06/30

Vulnerability Publication Date: 2015/06/29