CVE-2017-6464 ntp: Denial of Service via malformed config

Unitrends
Backup
Configure

CVE ID

CVE-2017-6464

DESCRIPTION

A vulnerability was discovered in the NTP server's parsing of configuration
directives. A remote, authenticated attacker could cause ntpd to crash by
sending a crafted message.

CVSS3 Base Score 5.3

Related CVEs: CVE-2017-6463, CVE-2017-6462

RESOLUTION

Fixed in latest Unitrends security update with
ntp-4.2.6p5-12.el6.centos.1

LINK TO ADVISORIES

https://nvd.nist.gov/vuln/detail/CVE-2017-6464 https://access.redhat.com/security/cve/cve-2017-6464 https://access.redhat.com/security/cve/cve-2017-6463 https://access.redhat.com/security/cve/cve-2017-6462

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Contact us

Browse this section

Remove ISCSI sessions using the Linux command line
Windows Volume Shadow copy Services (VSS) Problem Determination
OpenVPN - How to remove the OpenVPN configuration from an appliance
Volume Shadow Copy Service Errors
Error: Virtual Machine could not be started because the hypervisor is not running
How do I change the sendmail 'from' address and domain on the appliance emails?
VSS Writer Failed / How to Restart and Re-Register VSS Writers
Animated Tutorials
CVE-2014-7169: Additional Bash Vulnerability
Hyper-V 2012 backup errors with "An error was encountered while getting version of the VM"