Summary
Check the version of ntp
Solution
Please Install the Updated Packages.
Insight
Stephen Roettger, Sebastian Krahmer, and
Harlan Stenn discovered that NTP incorrectly handled the length value in extension fields. A remote attacker could use this issue to possibly obtain leaked information, or cause the NTP daemon to crash, resulting in a denial of service. (CVE-2014-9297)
Stephen Roettger discovered that NTP incorrectly handled ACLs based on certain IPv6 addresses. (CVE-2014-9298)
Affected
ntp on Ubuntu 14.10 ,
Ubuntu 14.04 LTS ,
Ubuntu 12.04 LTS ,
Ubuntu 10.04 LTS
Detection
Get the installed version with the help
of detect NVT and check if the version is vulnerable or not.
Severity
Classification
-
CVE CVE-2014-9297, CVE-2014-9298 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities