The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ntp | Ntp | * | 4.2.7 (including) |