oval:org.mitre.oval:def:28915

Definition Id: oval:org.mitre.oval:def:28915

Oval ID:	oval:org.mitre.oval:def:28915
Title:	Symmetric-Key feature allows denial of service
Description:	The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2015-1799	Version:	3
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis:
HP-UX B.11.31 AND filesets tests NTP.INETSVCS2-BOOT version is less than C.4.2.6.6.0 AND NTP.NTP-AUX version is less than C.4.2.6.6.0 AND NTP.NTP-RUN version is less than C.4.2.6.6.0