RHSA-2016:0063-01 -- Redhat ntpID: oval:org.secpod.oval:def:501758 | Date: (C)2016-01-29 (M)2024-01-29 |
Class: PATCH | Family: unix |
The Network Time Protocol is used to synchronize a computer"s time with a referenced time source. It was discovered that ntpd as a client did not correctly check the originate timestamp in received packets. A remote attacker could use this flaw to send a crafted packet to an ntpd client that would effectively disable synchronization with the server, or push arbitrary offset/delay measurements to modify the time on the client. All ntp users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the update, the ntpd daemon will restart automatically.
Platform: |
Red Hat Enterprise Linux 7 |
Red Hat Enterprise Linux 6 |