There are multiple vulnerabilities in NTPv3 and NTPv4 that impact AIX.
AIX 5.3, AIX 6.1, AIX 7.1, AIX 7.2
IV87614, IV87419, IV87615, IV87420, IV87939, IV87278, IV87279
Note:The detection requires root privileges to run “emgr -c” to check for patches. In absence of such privileges, the detection may not output actual results.
The most severe of the vulnerabilities could allow denial of service. By sending spoofed CRYPTO_NAK or a bad MAC packets with correct origin timestamps, a remote attacker could exploit this vulnerability to cause the autokey association to reset.
The vendor has released fixes to resolve this vulnerability. Refer to AIX Advisory to obtain more information.
Following are links for downloading patches to fix the vulnerabilities: