F5 Networks BIG-IP : NTP vulnerability (K17525)
High Nessus Plugin ID 91314
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value. (CVE-2015-7853)
Running a custom refclock driver in ntpd could overflow a data buffer under certain conditions. Running a custom installed refclock driver is not a supported configuration in F5 products.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution K17525.