ntpd
on VMS. ntpd
is configured to allow remote configuration, and if the (possibly spoofed) IP address is allowed to send remote configuration requests, and if the attacker knows the remote configuration password or if ntpd
was configured to disable authentication, then an attacker can send a set of packets to ntpd
that may cause ntpd
to overwrite files.
ntpd
requires: ntpd
instances.