OVAL Reference oval:org.mitre.oval:def:28698

Oval Definition:

oval:org.mitre.oval:def:28698

Revision Date:	2015-07-06	Version:	18
Title:	Symmetric-Key feature allows MAC address spoofing.
Description:	The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC.
Family:	unix	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2015-1798
Platform(s):	HP-UX 11	Product(s):
Definition Synopsis
HP-UX B.11.31 AND filesets tests NTP.INETSVCS2-BOOT version is less than C.4.2.6.6.0 OR NTP.NTP-AUX version is less than C.4.2.6.6.0 OR NTP.NTP-RUN version is less than C.4.2.6.6.0