Family: General --> Category: infos
ntpd Incorrect Group Privileges Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks for incorrect group privileges vulnerability in ntpd
Detailed Explanation for this Vulnerability Test
The remote NTP server is affected by a privilege escalation issue.
According to its version number, the NTP (Network Time Protocol)
server installed on the remote host suffers from a flaw that may cause
it to run with the permissions of a privileged user if a group name
rather than a group id is specified on the commandline. As a result,
a possible hacker that manages to compromise the application through some
other means will gain elevated rights than what is expected.
See also :
Start ntpd with a group number or upgrade to NTP 4.2.1 or later.
Low / CVSS Base Score : 2
Click HERE for more information and discussions on this network vulnerability scan.