The remote NTP server is affected by an information disclosure vulnerability due to improper validation of the ‘vallen’ value in extension fields in ‘ntp_crypto.c’. This allows a remote attacker to disclose sensitive information.
Note that this plugin requires both the scanner IP and target IP to not go through Network Address Translation (NAT) when communicating with each other.
Binary data ntp_cve-2014-9297.nbin