IP ACLs bypass vulnerability in ntp when ::1 spoofed in some OSID: oval:org.secpod.oval:def:24758 | Date: (C)2015-06-08 (M)2022-01-13 |
Class: VULNERABILITY | Family: unix |
The host is installed with ntp on RHEL 6 or 7 and is prone to an IP ACLs bypass vulnerability. A flaw is present in the application, which fails to properly handle spoofed packets with ::1 source address. Successful exploitation could allow attackers to bypass source IP ACLs on some OSes.
Platform: |
Red Hat Enterprise Linux 6 |
Red Hat Enterprise Linux 7 |