6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.968 High
EPSS
Percentile
99.5%
Several vulnerabilities have been discovered in chrony, a pair of programs
which are used to maintain the accuracy of the system clock on a computer.
This issues are similar to the NTP security flaw CVE-2009-3563. The Common
Vulnerabilities and Exposures project identifies the following problems:
For the oldstable distribution (etch), this problem has been fixed in
version 1.21z-5+etch1.
For the stable distribution (lenny), this problem has been fixed in
version 1.23-6+lenny1.
For the testing (squeeze) and unstable (sid) distribution, this problem
will be fixed soon.
We recommend that you upgrade your chrony packages.