Nexpose Vulnerability Database
- Try searching for a product or vendor.
- Only vulnerabilities that match all search terms will be returned.
- Enclose search terms in double quotes for an exact search.
- For CVE searches, only enter the CVE-YYYY-XXXX code.
Get Nexpose now
Search vulnerabilities with Rapid7's vulnerability management solution
FREE DOWNLOADNTP clock variables information disclosure
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| Moderate (1) | 0.0 (AV:N/AC:L/Au:N/C:N/I:N/A:N) | May 6, 2009 | Apr 1, 2011 | Apr 1, 2011 |
Description:
This sytem allows the internal NTP variables to be queried. These variables contain potentially sensitive information, such as the NTP software version, operating system version, peers, and more.
Vulnerability Management
Get your solution now
Solution:
- Disable NTP readvar queries
Apply a restrict option to all hosts that are not authorized to perform NTP readvar queries. For example, to deny readvar requests from all clients, put the following in the NTP configuration file, typically /etc/ntp.conf, and restart the NTP service:
restrict default mask 0.0.0.0 noquery -
Cisco
Restrict NTP readvar queriesApply an ACL that restricts NTP readvar queries from unauthorized clients, as described in the 'Configuring NTP Access Restrictions' section of the Cisco IOS documentation.
Alternatively, if NTP is not required, disable it entirely by running the following command:
ntp disable
Download Nexpose
Download our vulnerability management solution, Nexpose, for free today. Scan 100% of your infrastructure for vulnerabilities, understand your risk exposure, compare and prioritize your vulnerabilities and verify that they are remediated.