ID

VAR-201412-0615


CVE

CVE-2014-9293


TITLE

NTP Project Network Time Protocol daemon (ntpd) contains multiple vulnerabilities (Updated)

Trust: 0.8

sources: CERT/CC: VU#852879

DESCRIPTION

The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. The NTP Project ntpd version 4.2.7 and pervious versions contain several vulnerabilities. ntp-keygen prior to version 4.2.7p230 also uses a non-cryptographic random number generator when generating symmetric keys. These vulnerabilities may affect ntpd acting as a server or client. Supplementary information : CWE Vulnerability types by CWE-332: Insufficient Entropy in PRNG (PRNG Insufficient entropy in ) Has been identified. http://cwe.mitre.org/data/definitions/332.htmlBrute force attack by a third party (Brute force attack) Could be used to break cryptographic protection mechanisms. NTP is prone to a security weakness. An attacker can exploit this issue to guess the generated key, and possibly use it to send an ntpdc query or configuration requests. Network Time Protocol is prone to multiple stack-based buffer-overflow vulnerabilities because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized buffer. Successful exploits may allow an attacker to execute arbitrary code with the privileges of the ntpd process. Failed attempts will likely cause a denial-of-service condition. Network Time Protocol 4.2.7 and prior are vulnerable. 6.5) - i386, noarch, ppc64, s390x, x86_64 3. Release Date: 2015-02-18 Last Updated: 2015-02-18 Potential Security Impact: Remote execution of code, Denial of Service (DoS), or other vulnerabilities Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to execute code, create a Denial of Service (DoS), or other vulnerabilities. References: CVE-2014-9293 - Insufficient Entropy in Pseudo-Random Number Generator (PRNG) (CWE-332) CVE-2014-9294 - Use of Cryptographically Weak PRNG (CWE-338) CVE-2014-9295 - Stack Buffer Overflow (CWE-121) CVE-2014-9296 - Error Conditions, Return Values, Status Codes (CWE-389) CVE-2014-9297 - Improper Check for Unusual or Exceptional Conditions (CWE-754) SSRT101872 VU#852879 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.31 running NTP version C.4.2.6.4.0 or previous HP-UX B.11.23 running XNTP version 3.5 or previous BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2014-9293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9294 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9295 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9296 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2014-9297 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided the following patch for HP-UX B.11.31. A workaround for HP-UX B.11.23 and B.11.11 to temporarily resolve these vulnerabilities follows below. The B.11.31 patch is available from: ftp://ntp42650:Secure12@h2.usa.hp.com or https://h20392.www2.hp.com/portal/sw depot/displayProductInfo.do?productNumber=HPUX-NTP Mitigation steps for HP-UX B.11.23 and B.11.11 for CVE-2014-9295 Restrict query for server status (Time Service is not affected) from ntpq/ntpdc by enabling .noquery. using the restrict command in /etc/ntp.conf file. Reference: http://support.ntp.org/bin/view/Main/SecurityNotice NOTE: This bulletin will be revised when patches for XNTP v3.5 on B.11.23 and B.11.11 become available. MANUAL ACTIONS: No PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.31 ================== NTP.INETSVCS2-BOOT NTP.NTP-AUX NTP.NTP-RUN action: install revision C.4.2.6.5.0 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) - 18 February 2015 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2015 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: ntp security update Advisory ID: RHSA-2014:2024-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-2024.html Issue date: 2014-12-20 CVE Names: CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 ===================================================================== 1. Summary: Updated ntp packages that fix several security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. Multiple buffer overflow flaws were discovered in ntpd's crypto_recv(), ctl_putdata(), and configure() functions. Note: the crypto_recv() flaw requires non-default configurations to be active, while the ctl_putdata() flaw, by default, can only be exploited via local attackers, and the configure() flaw requires additional authentication to exploit. (CVE-2014-9293) It was found that ntp-keygen used a weak method for generating MD5 keys. Note: it is recommended to regenerate any MD5 keys that had explicitly been generated with ntp-keygen; the default installation does not contain such keys). (CVE-2014-9294) A missing return statement in the receive() function could potentially allow a remote attacker to bypass NTP's authentication mechanism. (CVE-2014-9296) All ntp users are advised to upgrade to this updated package, which contains backported patches to resolve these issues. After installing the update, the ntpd daemon will restart automatically. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1176032 - CVE-2014-9293 ntp: automatic generation of weak default key in config_auth() 1176035 - CVE-2014-9294 ntp: ntp-keygen uses weak random number generator and seed when generating MD5 keys 1176037 - CVE-2014-9295 ntp: Multiple buffer overflows via specially-crafted packets 1176040 - CVE-2014-9296 ntp: receive() missing return on error 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ntp-4.2.6p5-2.el6_6.src.rpm i386: ntp-4.2.6p5-2.el6_6.i686.rpm ntp-debuginfo-4.2.6p5-2.el6_6.i686.rpm ntpdate-4.2.6p5-2.el6_6.i686.rpm x86_64: ntp-4.2.6p5-2.el6_6.x86_64.rpm ntp-debuginfo-4.2.6p5-2.el6_6.x86_64.rpm ntpdate-4.2.6p5-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: ntp-debuginfo-4.2.6p5-2.el6_6.i686.rpm ntp-perl-4.2.6p5-2.el6_6.i686.rpm noarch: ntp-doc-4.2.6p5-2.el6_6.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-2.el6_6.x86_64.rpm ntp-perl-4.2.6p5-2.el6_6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ntp-4.2.6p5-2.el6_6.src.rpm x86_64: ntp-4.2.6p5-2.el6_6.x86_64.rpm ntp-debuginfo-4.2.6p5-2.el6_6.x86_64.rpm ntpdate-4.2.6p5-2.el6_6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): noarch: ntp-doc-4.2.6p5-2.el6_6.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-2.el6_6.x86_64.rpm ntp-perl-4.2.6p5-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ntp-4.2.6p5-2.el6_6.src.rpm i386: ntp-4.2.6p5-2.el6_6.i686.rpm ntp-debuginfo-4.2.6p5-2.el6_6.i686.rpm ntpdate-4.2.6p5-2.el6_6.i686.rpm ppc64: ntp-4.2.6p5-2.el6_6.ppc64.rpm ntp-debuginfo-4.2.6p5-2.el6_6.ppc64.rpm ntpdate-4.2.6p5-2.el6_6.ppc64.rpm s390x: ntp-4.2.6p5-2.el6_6.s390x.rpm ntp-debuginfo-4.2.6p5-2.el6_6.s390x.rpm ntpdate-4.2.6p5-2.el6_6.s390x.rpm x86_64: ntp-4.2.6p5-2.el6_6.x86_64.rpm ntp-debuginfo-4.2.6p5-2.el6_6.x86_64.rpm ntpdate-4.2.6p5-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: ntp-debuginfo-4.2.6p5-2.el6_6.i686.rpm ntp-perl-4.2.6p5-2.el6_6.i686.rpm noarch: ntp-doc-4.2.6p5-2.el6_6.noarch.rpm ppc64: ntp-debuginfo-4.2.6p5-2.el6_6.ppc64.rpm ntp-perl-4.2.6p5-2.el6_6.ppc64.rpm s390x: ntp-debuginfo-4.2.6p5-2.el6_6.s390x.rpm ntp-perl-4.2.6p5-2.el6_6.s390x.rpm x86_64: ntp-debuginfo-4.2.6p5-2.el6_6.x86_64.rpm ntp-perl-4.2.6p5-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ntp-4.2.6p5-2.el6_6.src.rpm i386: ntp-4.2.6p5-2.el6_6.i686.rpm ntp-debuginfo-4.2.6p5-2.el6_6.i686.rpm ntpdate-4.2.6p5-2.el6_6.i686.rpm x86_64: ntp-4.2.6p5-2.el6_6.x86_64.rpm ntp-debuginfo-4.2.6p5-2.el6_6.x86_64.rpm ntpdate-4.2.6p5-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: ntp-debuginfo-4.2.6p5-2.el6_6.i686.rpm ntp-perl-4.2.6p5-2.el6_6.i686.rpm noarch: ntp-doc-4.2.6p5-2.el6_6.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-2.el6_6.x86_64.rpm ntp-perl-4.2.6p5-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: ntp-4.2.6p5-19.el7_0.src.rpm x86_64: ntp-4.2.6p5-19.el7_0.x86_64.rpm ntp-debuginfo-4.2.6p5-19.el7_0.x86_64.rpm ntpdate-4.2.6p5-19.el7_0.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: ntp-doc-4.2.6p5-19.el7_0.noarch.rpm ntp-perl-4.2.6p5-19.el7_0.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-19.el7_0.x86_64.rpm sntp-4.2.6p5-19.el7_0.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: ntp-4.2.6p5-19.el7_0.src.rpm x86_64: ntp-4.2.6p5-19.el7_0.x86_64.rpm ntp-debuginfo-4.2.6p5-19.el7_0.x86_64.rpm ntpdate-4.2.6p5-19.el7_0.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: ntp-doc-4.2.6p5-19.el7_0.noarch.rpm ntp-perl-4.2.6p5-19.el7_0.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-19.el7_0.x86_64.rpm sntp-4.2.6p5-19.el7_0.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: ntp-4.2.6p5-19.el7_0.src.rpm ppc64: ntp-4.2.6p5-19.el7_0.ppc64.rpm ntp-debuginfo-4.2.6p5-19.el7_0.ppc64.rpm ntpdate-4.2.6p5-19.el7_0.ppc64.rpm s390x: ntp-4.2.6p5-19.el7_0.s390x.rpm ntp-debuginfo-4.2.6p5-19.el7_0.s390x.rpm ntpdate-4.2.6p5-19.el7_0.s390x.rpm x86_64: ntp-4.2.6p5-19.el7_0.x86_64.rpm ntp-debuginfo-4.2.6p5-19.el7_0.x86_64.rpm ntpdate-4.2.6p5-19.el7_0.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: ntp-doc-4.2.6p5-19.el7_0.noarch.rpm ntp-perl-4.2.6p5-19.el7_0.noarch.rpm ppc64: ntp-debuginfo-4.2.6p5-19.el7_0.ppc64.rpm sntp-4.2.6p5-19.el7_0.ppc64.rpm s390x: ntp-debuginfo-4.2.6p5-19.el7_0.s390x.rpm sntp-4.2.6p5-19.el7_0.s390x.rpm x86_64: ntp-debuginfo-4.2.6p5-19.el7_0.x86_64.rpm sntp-4.2.6p5-19.el7_0.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: ntp-4.2.6p5-19.el7_0.src.rpm x86_64: ntp-4.2.6p5-19.el7_0.x86_64.rpm ntp-debuginfo-4.2.6p5-19.el7_0.x86_64.rpm ntpdate-4.2.6p5-19.el7_0.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: ntp-doc-4.2.6p5-19.el7_0.noarch.rpm ntp-perl-4.2.6p5-19.el7_0.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-19.el7_0.x86_64.rpm sntp-4.2.6p5-19.el7_0.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-9293 https://access.redhat.com/security/cve/CVE-2014-9294 https://access.redhat.com/security/cve/CVE-2014-9295 https://access.redhat.com/security/cve/CVE-2014-9296 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFUlOKcXlSAg2UNWIIRAvBoAKCfw+j4ua5JaIRMc5eKkny9G1yWlgCgufNc EvBImTd+Vq7//UExow1FP4U= =m/Eb -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . The two patches are available from the HP Support Center (HPSC). Reference: http://support.ntp.org/bin/view/Main/SecurityNotice MANUAL ACTIONS: Yes - Update If patch installation on B.11.11 or B.11.23 is not possible, mitigate with step above. A remote unauthenticated attacker may craft special packets that trigger buffer overflows in the ntpd functions crypto_recv() (when using autokey authentication), ctl_putdata(), and configure(). A section of code in ntpd handling a rare error is missing a return statement, therefore processing did not stop when the error was encountered. This situation may be exploitable by an attacker (CVE-2014-9296). Stephen Roettger of the Google Security Team, Sebastian Krahmer of the SUSE Security Team and Harlan Stenn of Network Time Foundation discovered that the length value in extension fields is not properly validated in several code paths in ntp_crypto.c, which could lead to information leakage or denial of service (CVE-2014-9297). Stephen Roettger of the Google Security Team reported that ACLs based on IPv6 ::1 (localhost) addresses can be bypassed (CVE-2014-9298). _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9297 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9298 http://advisories.mageia.org/MGASA-2014-0541.html http://advisories.mageia.org/MGASA-2015-0063.html _______________________________________________________________________ Updated Packages: Mandriva Business Server 2/X86_64: 8f7d14b95c55bd1de7230cff0c8ea9d7 mbs2/x86_64/ntp-4.2.6p5-16.1.mbs2.x86_64.rpm 09063ab11459b1f935809b37c742ff12 mbs2/x86_64/ntp-client-4.2.6p5-16.1.mbs2.x86_64.rpm 7a0d0eca35911d9f15b76b474c5512cf mbs2/x86_64/ntp-doc-4.2.6p5-16.1.mbs2.noarch.rpm cb0371050702950084ff633ea45c2c5c mbs2/SRPMS/ntp-4.2.6p5-16.1.mbs2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFVF9K3mqjQ0CJFipgRAn26AJwInkxLvDh/Gbb3uYRz9IjuaSK8+ACgiM1Z rou2syvF1hyhVhxh7M5sv3c= =uncU -----END PGP SIGNATURE----- . The default ntpd configuration in Debian restricts access to localhost (and possible the adjacent network in case of IPv6). For the stable distribution (wheezy), these problems have been fixed in version 1:4.2.6.p5+dfsg-2+deb7u1. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/ntp-4.2.8-i486-1_slack14.1.txz: Upgraded. In addition to bug fixes and enhancements, this release fixes several high-severity vulnerabilities discovered by Neel Mehta and Stephen Roettger of the Google Security Team. For more information, see: https://www.kb.cert.org/vuls/id/852879 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/ntp-4.2.8-i486-1_slack13.0.txz Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/ntp-4.2.8-x86_64-1_slack13.0.txz Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ntp-4.2.8-i486-1_slack13.1.txz Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/ntp-4.2.8-x86_64-1_slack13.1.txz Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/ntp-4.2.8-i486-1_slack13.37.txz Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/ntp-4.2.8-x86_64-1_slack13.37.txz Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ntp-4.2.8-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ntp-4.2.8-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/ntp-4.2.8-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/ntp-4.2.8-x86_64-1_slack14.1.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/ntp-4.2.8-i486-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/ntp-4.2.8-x86_64-1.txz MD5 signatures: +-------------+ Slackware 13.0 package: 18d7f09e90cf2434f59d7e9f11478fba ntp-4.2.8-i486-1_slack13.0.txz Slackware x86_64 13.0 package: edd178e3d2636433dd18f52331af17a5 ntp-4.2.8-x86_64-1_slack13.0.txz Slackware 13.1 package: 4b6da6fa564b1fe00920d402ff97bd43 ntp-4.2.8-i486-1_slack13.1.txz Slackware x86_64 13.1 package: 292ae7dbd3ea593c5e28cbba7c2b71fa ntp-4.2.8-x86_64-1_slack13.1.txz Slackware 13.37 package: 294b8197d360f9a3cf8186619b60b73c ntp-4.2.8-i486-1_slack13.37.txz Slackware x86_64 13.37 package: 7cd5b63f8371b1cc369bc56e4b4efd5a ntp-4.2.8-x86_64-1_slack13.37.txz Slackware 14.0 package: 32eab67538c33e4669bda9200799a497 ntp-4.2.8-i486-1_slack14.0.txz Slackware x86_64 14.0 package: 33ecf4845fa8533a12a98879815bde08 ntp-4.2.8-x86_64-1_slack14.0.txz Slackware 14.1 package: f2b45a45c846a909ae201176ce359939 ntp-4.2.8-i486-1_slack14.1.txz Slackware x86_64 14.1 package: 12d7ab6e2541af4d1282621d3773e7f7 ntp-4.2.8-x86_64-1_slack14.1.txz Slackware -current package: 5b2150cee9840d8bb547098cccde879a n/ntp-4.2.8-i486-1.txz Slackware x86_64 -current package: 9ce09c5d6a60d3e2117988e4551e4af1 n/ntp-4.2.8-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg ntp-4.2.8-i486-1_slack14.1.txz Then, restart the NTP daemon: # sh /etc/rc.d/rc.ntpd restart +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. ============================================================================ Ubuntu Security Notice USN-2449-1 December 22, 2014 ntp vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS - Ubuntu 10.04 LTS Summary: Several security issues were fixed in NTP. The default compiler options for affected releases should reduce the vulnerability to a denial of service. In addition, attackers would be isolated by the NTP AppArmor profile. (CVE-2014-9295) Stephen Roettger discovered that NTP incorrectly continued processing when handling certain errors. (CVE-2014-9296) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.10: ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.10.1 Ubuntu 14.04 LTS: ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.04.1 Ubuntu 12.04 LTS: ntp 1:4.2.6.p3+dfsg-1ubuntu3.2 Ubuntu 10.04 LTS: ntp 1:4.2.4p8+dfsg-1ubuntu2.2 After a standard system update you need to regenerate any MD5 keys that were manually created with ntp-keygen

Trust: 3.6

sources: NVD: CVE-2014-9293 // CERT/CC: VU#852879 // JVNDB: JVNDB-2014-007350 // BID: 71757 // BID: 71761 // PACKETSTORM: 130140 // PACKETSTORM: 130481 // PACKETSTORM: 129686 // PACKETSTORM: 131356 // PACKETSTORM: 131149 // PACKETSTORM: 129680 // PACKETSTORM: 129693 // PACKETSTORM: 129684

AFFECTED PRODUCTS

vendor:ciscomodel:paging serverscope:eqversion:0

Trust: 1.2

vendor:ciscomodel:edge digital media playerscope:eqversion:3000

Trust: 1.2

vendor:ciscomodel:download serverscope:eqversion:0

Trust: 1.2

vendor:ntpmodel:ntpscope:lteversion:4.2.7

Trust: 1.0

vendor:applemodel: - scope: - version: -

Trust: 0.8

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:efficientipmodel: - scope: - version: -

Trust: 0.8

vendor:f5model: - scope: - version: -

Trust: 0.8

vendor:freebsdmodel: - scope: - version: -

Trust: 0.8

vendor:huaweimodel: - scope: - version: -

Trust: 0.8

vendor:necmodel: - scope: - version: -

Trust: 0.8

vendor:ntpmodel: - scope: - version: -

Trust: 0.8

vendor:omnitimodel: - scope: - version: -

Trust: 0.8

vendor:red hatmodel: - scope: - version: -

Trust: 0.8

vendor:watchguardmodel: - scope: - version: -

Trust: 0.8

vendor:ntpmodel:ntpscope:ltversion:4.2.7p11

Trust: 0.8

vendor:necmodel:express5800scope:eqversion:/sigmablade em card (n8405-043) for firmware rev.14.02 before

Trust: 0.8

vendor:necmodel:istoragescope:eqversion:ne single model / cluster model ver.002.08.08 previous version

Trust: 0.8

vendor:necmodel:istoragescope:eqversion:nv7400/nv5400/nv3400 series

Trust: 0.8

vendor:necmodel:istoragescope:eqversion:nv7500/nv5500/nv3500 series

Trust: 0.8

vendor:necmodel:securebranchscope:eqversion:version 3.2

Trust: 0.8

vendor:necmodel:univergescope:eqversion:3c cmm

Trust: 0.8

vendor:necmodel:univergescope:eqversion:ip8800 series

Trust: 0.8

vendor:hitachimodel:bsscope:eqversion:2000 series

Trust: 0.8

vendor:hitachimodel:bsscope:eqversion:320 series

Trust: 0.8

vendor:hitachimodel:bsscope:eqversion:500 series

Trust: 0.8

vendor:hitachimodel:ha8000 seriesscope: - version: -

Trust: 0.8

vendor:ubuntumodel:linuxscope:eqversion:14.10

Trust: 0.6

vendor:ubuntumodel:linux ltsscope:eqversion:14.04

Trust: 0.6

vendor:ubuntumodel:linux lts i386scope:eqversion:12.04

Trust: 0.6

vendor:ubuntumodel:linux lts amd64scope:eqversion:12.04

Trust: 0.6

vendor:ubuntumodel:linux sparcscope:eqversion:10.04

Trust: 0.6

vendor:ubuntumodel:linux powerpcscope:eqversion:10.04

Trust: 0.6

vendor:ubuntumodel:linux i386scope:eqversion:10.04

Trust: 0.6

vendor:ubuntumodel:linux armscope:eqversion:10.04

Trust: 0.6

vendor:ubuntumodel:linux amd64scope:eqversion:10.04

Trust: 0.6

vendor:susemodel:linux enterprise server sp1 ltssscope:eqversion:11

Trust: 0.6

vendor:slackwaremodel:linuxscope:eqversion:14.1

Trust: 0.6

vendor:slackwaremodel:linuxscope:eqversion:14.0

Trust: 0.6

vendor:slackwaremodel:linuxscope:eqversion:13.37

Trust: 0.6

vendor:slackwaremodel:linuxscope:eqversion:13.1

Trust: 0.6

vendor:slackwaremodel:linuxscope:eqversion:13.0

Trust: 0.6

vendor:redhatmodel:enterprise linux workstation optionalscope:eqversion:7

Trust: 0.6

vendor:redhatmodel:enterprise linux workstation optionalscope:eqversion:6

Trust: 0.6

vendor:redhatmodel:enterprise linux workstationscope:eqversion:7

Trust: 0.6

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.6

vendor:redhatmodel:enterprise linux server optionalscope:eqversion:7

Trust: 0.6

vendor:redhatmodel:enterprise linux server optionalscope:eqversion:6

Trust: 0.6

vendor:redhatmodel:enterprise linux serverscope:eqversion:7

Trust: 0.6

vendor:redhatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.6

vendor:redhatmodel:enterprise linux hpc node optionalscope:eqversion:6

Trust: 0.6

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.6

vendor:redhatmodel:enterprise linux desktop optionalscope:eqversion:6

Trust: 0.6

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6

Trust: 0.6

vendor:redhatmodel:enterprise linux desktop clientscope:eqversion:5

Trust: 0.6

vendor:redhatmodel:enterprise linux computenode optionalscope:eqversion:7

Trust: 0.6

vendor:redhatmodel:enterprise linux computenodescope:eqversion:7

Trust: 0.6

vendor:redhatmodel:enterprise linux client optionalscope:eqversion:7

Trust: 0.6

vendor:redhatmodel:enterprise linux clientscope:eqversion:7

Trust: 0.6

vendor:redhatmodel:enterprise linux serverscope:eqversion:5

Trust: 0.6

vendor:oraclemodel:enterprise linuxscope:eqversion:7

Trust: 0.6

vendor:oraclemodel:enterprise linuxscope:eqversion:5

Trust: 0.6

vendor:oraclemodel:communications policy managementscope:eqversion:12.1.1

Trust: 0.6

vendor:oraclemodel:communications policy managementscope:eqversion:10.4.1

Trust: 0.6

vendor:oraclemodel:communications policy managementscope:eqversion:9.9.1

Trust: 0.6

vendor:oraclemodel:communications policy managementscope:eqversion:9.7.3

Trust: 0.6

vendor:meinbergmodel:network time protocol 4.2.7p10scope: - version: -

Trust: 0.6

vendor:meinbergmodel:network time protocolscope:eqversion:4.2.7

Trust: 0.6

vendor:meinbergmodel:network time protocolscope:eqversion:4.2.6

Trust: 0.6

vendor:meinbergmodel:network time protocolscope:eqversion:4.2.5

Trust: 0.6

vendor:meinbergmodel:network time protocol 4.2.4p8@lennon-o-lpvscope: - version: -

Trust: 0.6

vendor:meinbergmodel:network time protocol 4.2.4p7@copenhagen-oscope: - version: -

Trust: 0.6

vendor:meinbergmodel:network time protocolscope:eqversion:4.2.4

Trust: 0.6

vendor:meinbergmodel:network time protocolscope:eqversion:4.2.2

Trust: 0.6

vendor:meinbergmodel:network time protocolscope:eqversion:4.2.0

Trust: 0.6

vendor:meinbergmodel:network time protocolscope:eqversion:4.1.0

Trust: 0.6

vendor:meinbergmodel:network time protocolscope:eqversion:4.0

Trust: 0.6

vendor:mandrivamodel:business serverscope:eqversion:1x8664

Trust: 0.6

vendor:mandrivamodel:business serverscope:eqversion:1

Trust: 0.6

vendor:junipermodel:vgwscope:eqversion:0

Trust: 0.6

vendor:junipermodel:nsmexpressscope:eqversion: -

Trust: 0.6

vendor:junipermodel:nsm server softwarescope:eqversion:0

Trust: 0.6

vendor:junipermodel:nsm series appliancesscope:eqversion:0

Trust: 0.6

vendor:junipermodel:nsmscope:eqversion:0

Trust: 0.6

vendor:junipermodel:junos spacescope:eqversion:0

Trust: 0.6

vendor:junipermodel:junos os 14.2r1scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 14.1r2-s2scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 14.1r2scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 14.1r1scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 13.3r4scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 13.3r3-s2scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 13.3r3scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 13.3r2-s3scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 13.3r1scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 13.2x51-d25scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 13.2r5-s1scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 13.2r5scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 13.1x50-d30scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 13.1r4-s3scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 13.1r4-s2scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 12.3r8scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 12.3r7scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 12.2x50-d70scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 12.2r9scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 12.1x47-d15scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 12.1x47-d10scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 12.1x46-d25scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 12.1x46-d20scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 12.1x44-d40scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 11.4r12-s4scope: - version: -

Trust: 0.6

vendor:junipermodel:junos os 11.4r12-s1scope: - version: -

Trust: 0.6

vendor:junipermodel:junos osscope:eqversion:0

Trust: 0.6

vendor:intelmodel:xeon phi 7120pscope: - version: -

Trust: 0.6

vendor:intelmodel:xeon phi 7120ascope: - version: -

Trust: 0.6

vendor:intelmodel:xeon phi 5110pscope: - version: -

Trust: 0.6

vendor:intelmodel:xeon phi 3120ascope: - version: -

Trust: 0.6

vendor:intelmodel:manycore platform software stackscope:eqversion:3.4

Trust: 0.6

vendor:intelmodel:manycore platform software stackscope:eqversion:3.3

Trust: 0.6

vendor:intelmodel:manycore platform software stackscope:eqversion:3.2

Trust: 0.6

vendor:intelmodel:manycore platform software stackscope:eqversion:3.1

Trust: 0.6

vendor:intelmodel:manycore platform software stackscope:eqversion:2.1

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.3

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.14

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.3.4

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.3.3

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.3.2

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.3.0

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.2.5

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.2.4

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.2.0

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.1.9

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.1.8

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.1.3

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.1.1

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.1.0

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.0.13

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.0.12

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.0.11

Trust: 0.6

vendor:ibmmodel:viosscope:eqversion:2.2.0.10

Trust: 0.6

vendor:ibmmodel:smartcloud entry fpscope:eqversion:3.19

Trust: 0.6

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1

Trust: 0.6

vendor:ibmmodel:smart analytics systemscope:eqversion:77100

Trust: 0.6

vendor:ibmmodel:smart analytics systemscope:eqversion:77000

Trust: 0.6

vendor:ibmmodel:smart analytics systemscope:eqversion:76000

Trust: 0.6

vendor:ibmmodel:smart analytics systemscope:eqversion:56003

Trust: 0.6

vendor:ibmmodel:smart analytics systemscope:eqversion:56002

Trust: 0.6

vendor:ibmmodel:smart analytics systemscope:eqversion:56001

Trust: 0.6

vendor:ibmmodel:security network protectionscope:eqversion:71005.3

Trust: 0.6

vendor:ibmmodel:security network protectionscope:eqversion:71005.2

Trust: 0.6

vendor:ibmmodel:security network protectionscope:eqversion:51005.3

Trust: 0.6

vendor:ibmmodel:security network protectionscope:eqversion:51005.2

Trust: 0.6

vendor:ibmmodel:security network protectionscope:eqversion:41005.3

Trust: 0.6

vendor:ibmmodel:security network protectionscope:eqversion:41005.2

Trust: 0.6

vendor:ibmmodel:security network protectionscope:eqversion:31005.3

Trust: 0.6

vendor:ibmmodel:security network protectionscope:eqversion:31005.2

Trust: 0.6

vendor:ibmmodel:pureflexscope:eqversion:x3950x6

Trust: 0.6

vendor:ibmmodel:pureflexscope:eqversion:x3850x6

Trust: 0.6

vendor:ibmmodel:pureflex x240m5+penscope: - version: -

Trust: 0.6

vendor:ibmmodel:pureflex x240m4scope: - version: -

Trust: 0.6

vendor:ibmmodel:pureflex x220m4scope: - version: -

Trust: 0.6

vendor:ibmmodel:puredata system for operational analyticsscope:eqversion:1.1

Trust: 0.6

vendor:ibmmodel:puredata system for operational analyticsscope:eqversion:1.0

Trust: 0.6

vendor:ibmmodel:power hmcscope:eqversion:8.8.2.0

Trust: 0.6

vendor:ibmmodel:power hmcscope:eqversion:8.8.1.0

Trust: 0.6

vendor:ibmmodel:power hmcscope:eqversion:7.7.9.0

Trust: 0.6

vendor:ibmmodel:power hmcscope:eqversion:7.7.8.0

Trust: 0.6

vendor:ibmmodel:power hmcscope:eqversion:7.7.7.0

Trust: 0.6

vendor:ibmmodel:power hmcscope:eqversion:7.7.3.0

Trust: 0.6

vendor:ibmmodel:nextscale nx360m5scope: - version: -

Trust: 0.6

vendor:ibmmodel:nextscale nx360m4scope: - version: -

Trust: 0.6

vendor:ibmmodel:netezza host managementscope:eqversion:5.3.3

Trust: 0.6

vendor:ibmmodel:idataplex dx360m4scope: - version: -

Trust: 0.6

vendor:ibmmodel:aixscope:eqversion:7.1

Trust: 0.6

vendor:ibmmodel:aixscope:eqversion:6.1

Trust: 0.6

vendor:ibmmodel:aixscope:eqversion:5.3

Trust: 0.6

vendor:huaweimodel:rack v100r001c00scope:eqversion:x8000

Trust: 0.6

vendor:huaweimodel:v1300n v100r002c02scope: - version: -

Trust: 0.6

vendor:huaweimodel:tecal xh621 v100r001c00b010scope:eqversion:v2

Trust: 0.6

vendor:huaweimodel:tecal xh320 v100r001c00spc105scope:eqversion:v2

Trust: 0.6

vendor:huaweimodel:tecal xh311 v100r001c00spc100scope:eqversion:v2

Trust: 0.6

vendor:huaweimodel:tecal xh310 v100r001c00spc100scope:eqversion:v2

Trust: 0.6

vendor:huaweimodel:rh5885h v100r003c00scope:eqversion:v3

Trust: 0.6

vendor:huaweimodel:rh5885 v100r003c01scope:eqversion:v3

Trust: 0.6

vendor:huaweimodel:rh5885 v100r001c00scope:eqversion:v2

Trust: 0.6

vendor:huaweimodel:rh2485 v100r002c00scope:eqversion:v2

Trust: 0.6

vendor:huaweimodel:rh2288h v100r002c00scope:eqversion:v2

Trust: 0.6

vendor:huaweimodel:rh2288e v100r002c00scope:eqversion:v2

Trust: 0.6

vendor:huaweimodel:rh2288 v100r002c00scope:eqversion:v2

Trust: 0.6

vendor:huaweimodel:rh2285h v100r002c00scope:eqversion:v2

Trust: 0.6

vendor:huaweimodel:rh2285 v100r002c00scope:eqversion:v2

Trust: 0.6

vendor:huaweimodel:rh1288 v100r002c00scope:eqversion:v2

Trust: 0.6

vendor:huaweimodel:oceanstor uds v100r002c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:oceanstor uds v100r002c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:oceanstor s6800t v200r002c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:oceanstor s5800t v200r002c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:oceanstor s5600t v100r002c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:oceanstor s5500t v200r002c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:oceanstor s2600t v200r002c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:oceanstor hvs88t v100r001c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:oceanstor hvs85t v100r001c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:oceanstor 18800f v100r001c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:oceanstor v100r001c00scope:eqversion:18800

Trust: 0.6

vendor:huaweimodel:high-density server dh628 v100r001c00scope:eqversion:v2

Trust: 0.6

vendor:huaweimodel:high-density server dh621 v100r001c00scope:eqversion:v2

Trust: 0.6

vendor:huaweimodel:high-density server dh620 v100r001c00scope:eqversion:v2

Trust: 0.6

vendor:huaweimodel:high-density server dh320 v100r001c00scope:eqversion:v2

Trust: 0.6

vendor:huaweimodel:fusionsphere openstack v100r005c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:fusioncube v100r002c02spc300scope: - version: -

Trust: 0.6

vendor:huaweimodel:fusioncube v100r002c02spc200scope: - version: -

Trust: 0.6

vendor:huaweimodel:fusioncube v100r002c02spc100scope: - version: -

Trust: 0.6

vendor:huaweimodel:fusioncube v100r002c01spc100scope: - version: -

Trust: 0.6

vendor:huaweimodel:fusioncompute v100r005c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:fusioncompute v100r005c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:fusioncompute v100r003c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:fusioncompute v100r003c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:fusionaccess v100r005c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:fusionaccess v100r005c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace vtm v100r002c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace vtm v100r001c30scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace vtm v100r001c02scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace vcn3000 v100r002c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace usm v200r003c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace uc v200r003c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace uc v200r002c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace uc v100r002c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace u2980 v200r003c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace u2980 v100r001c02spc200scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace u2980 v100r001c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace ivs v100r001c02scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace dcm v100r002c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace dcm v100r001c03scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace dcm v100r001c02scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace dcm v100r001c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace cc v200r001c50scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace cc v200r001c32scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace cc v200r001c31scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace cc v200r001c03scope: - version: -

Trust: 0.6

vendor:huaweimodel:espace cad v100r001c01lhue01scope: - version: -

Trust: 0.6

vendor:huaweimodel:esight uc&c v100r001c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:esight uc&c v100r001c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:esight network v200r005c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:esight network v200r003c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:esight network v200r003c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:e9000 chassis v100r001c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:e6000 chassis v100r001c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:dc v100r002c01spc001scope: - version: -

Trust: 0.6

vendor:hpmodel:virtualization performance viewerscope:eqversion:2.10

Trust: 0.6

vendor:hpmodel:virtualization performance viewerscope:eqversion:2.01

Trust: 0.6

vendor:hpmodel:virtualization performance viewerscope:eqversion:2.0

Trust: 0.6

vendor:hpmodel:virtualization performance viewerscope:eqversion:1.2

Trust: 0.6

vendor:hpmodel:virtualization performance viewerscope:eqversion:1.1

Trust: 0.6

vendor:hpmodel:virtualization performance viewerscope:eqversion:1.0

Trust: 0.6

vendor:hpmodel:vcxscope:eqversion:0

Trust: 0.6

vendor:hpmodel:tcp/ip services for openvmsscope:eqversion:5.7

Trust: 0.6

vendor:hpmodel:hp-ux b.11.31scope: - version: -

Trust: 0.6

vendor:hitachimodel:bladesymphony cb500 seriesscope:eqversion:0

Trust: 0.6

vendor:hitachimodel:bladesymphony cb320 seriesscope:eqversion:0

Trust: 0.6

vendor:hitachimodel:bladesymphony cb2000 seriesscope:eqversion:0

Trust: 0.6

vendor:hitachimodel:bladesymphony bs500 seriesscope:eqversion:0

Trust: 0.6

vendor:hitachimodel:bladesymphony bs320 seriesscope:eqversion:0

Trust: 0.6

vendor:hitachimodel:bladesymphony bs2000 seriesscope:eqversion:0

Trust: 0.6

vendor:hitachimodel:advanced server ha8000crscope:eqversion:0

Trust: 0.6

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.6

vendor:freebsdmodel:freebsdscope:eqversion:0

Trust: 0.6

vendor:emcmodel:vipr srmscope:eqversion:3.6.0

Trust: 0.6

vendor:emcmodel:m&rscope:eqversion:6.5

Trust: 0.6

vendor:citrixmodel:netscaler gatewayscope:eqversion:0

Trust: 0.6

vendor:citrixmodel:netscaler application delivery controllerscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:wide area application servicesscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:webex socialscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:webex meetings server basescope:eqversion:2.5

Trust: 0.6

vendor:ciscomodel:webex meetings serverscope:eqversion:2.5

Trust: 0.6

vendor:ciscomodel:webex meetings server 2.0mr2scope: - version: -

Trust: 0.6

vendor:ciscomodel:webex meetings serverscope:eqversion:2.0

Trust: 0.6

vendor:ciscomodel:virtualization experience clientscope:eqversion:62150

Trust: 0.6

vendor:ciscomodel:virtual systems operations center for vpe projectscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:virtual security gatewayscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:videoscape conductorscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:videoscape back officescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:video surveillance media serverscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:video delivery system recorderscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:universal small cell ran management system wirelessscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:unity connectionscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:unified sip proxyscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:unified provisioning managerscope:eqversion:8.6

Trust: 0.6

vendor:ciscomodel:unified meetingplacescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:unified intelligence centerscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:unified contact center expressscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:unified communications managerscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:unified communications domain managerscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:ucs managerscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:ucs invicta seriesscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:ucs directorscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:transaction encryption devicescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:telepresence tx seriesscope:eqversion:90000

Trust: 0.6

vendor:ciscomodel:telepresence te softwarescope:eqversion:-0

Trust: 0.6

vendor:ciscomodel:telepresence systemscope:eqversion:500-370

Trust: 0.6

vendor:ciscomodel:telepresence systemscope:eqversion:500-320

Trust: 0.6

vendor:ciscomodel:telepresence system seriesscope:eqversion:30000

Trust: 0.6

vendor:ciscomodel:telepresence systemscope:eqversion:13000

Trust: 0.6

vendor:ciscomodel:telepresence systemscope:eqversion:11000

Trust: 0.6

vendor:ciscomodel:telepresence systemscope:eqversion:10000

Trust: 0.6

vendor:ciscomodel:telepresence profile seriesscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:telepresence isdn linkscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:telepresencescope:eqversion:13100

Trust: 0.6

vendor:ciscomodel:show and sharescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:service control engines system softwarescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:scosscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:remote network control systemscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:remote conditional access systemscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:quantum son suitescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:quantum policy suitescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:prime service catalog virtual appliancescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:prime license managerscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:prime lan management solutionscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:prime infrastructurescope:eqversion: -

Trust: 0.6

vendor:ciscomodel:prime data center network managerscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:prime collaboration provisioningscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:powervu network centerscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:powervu d9190 conditional access managerscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:powerkey encryption serverscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:physical access managerscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:onepk all-in-one vmscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:nexus series switchesscope:eqversion:90000

Trust: 0.6

vendor:ciscomodel:nexus series switchesscope:eqversion:70000

Trust: 0.6

vendor:ciscomodel:nexus series switchesscope:eqversion:60000

Trust: 0.6

vendor:ciscomodel:nexus series switchesscope:eqversion:50000

Trust: 0.6

vendor:ciscomodel:nexus series switchesscope:eqversion:40000

Trust: 0.6

vendor:ciscomodel:nexus series switchesscope:eqversion:30000

Trust: 0.6

vendor:ciscomodel:nexus series switchesscope:eqversion:1000v0

Trust: 0.6

vendor:ciscomodel:network configuration and change management servicescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:network configuration and change managementscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:netflow collection agentscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:mediasensescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:media experience enginesscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:mds series multilayer switchesscope:eqversion:90000

Trust: 0.6

vendor:ciscomodel:management heartbeat serverscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:jabber guestscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:iptv service delivery systemscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:ip interoperability and collaboration systemscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:ios xr softwarescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:ios xr for cisco network convergence systemscope:eqversion:60000

Trust: 0.6

vendor:ciscomodel:international digital network control systemscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:intelligent automation for cloudscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:im and presence servicescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:firesight system softwarescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:finessescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:explorer controllerscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:enterprise content delivery servicescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:encryption appliancescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:emergency responderscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:emergency responderscope: - version: -

Trust: 0.6

vendor:ciscomodel:dncs application serverscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:digital transport adapter control systemscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:digital network control systemscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:digital media managerscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:dcm series 9900-digital content managerscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:d9036 modular encoding platformscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:common services platform collectorscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:common download serverscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:command serverscope:eqversion:20000

Trust: 0.6

vendor:ciscomodel:cloud object storescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:telepresence endpoints sx seriesscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:telepresence endpoints mxg2 seriesscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:telepresence endpoints mx seriesscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:telepresence endpoints ex seriesscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:telepresence endpoints c seriesscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:telepresence endpoints 10" touch panelscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:ironport encryption appliancescope:eqversion:0

Trust: 0.6

vendor:ciscomodel:application policy infrastructure controllerscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:autobackup serverscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:asa cx and cisco prime security managerscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:application networking managerscope:eqversion:0

Trust: 0.6

vendor:ciscomodel:application and content networking systemscope:eqversion:0

Trust: 0.6

vendor:centosmodel:centosscope:eqversion:7

Trust: 0.6

vendor:centosmodel:centosscope:eqversion:5

Trust: 0.6

vendor:avayamodel:proactive contactscope:eqversion:5.1

Trust: 0.6

vendor:avayamodel:proactive contactscope:eqversion:5.0

Trust: 0.6

vendor:avayamodel:one-x client enablement services sp2scope:eqversion:6.2

Trust: 0.6

vendor:avayamodel:one-x client enablement servicesscope:eqversion:6.2

Trust: 0.6

vendor:avayamodel:one-x client enablement servicesscope:eqversion:6.1.2

Trust: 0.6

vendor:avayamodel:one-x client enablement servicesscope:eqversion:6.1.1

Trust: 0.6

vendor:avayamodel:message networkingscope:eqversion:6.3

Trust: 0.6

vendor:avayamodel:message networkingscope:eqversion:6.2.0

Trust: 0.6

vendor:avayamodel:meeting exchangescope:eqversion:5.2

Trust: 0.6

vendor:avayamodel:meeting exchangescope:eqversion:5.1

Trust: 0.6

vendor:avayamodel:meeting exchangescope:eqversion:5.0

Trust: 0.6

vendor:avayamodel:iqscope:eqversion:5.1.1

Trust: 0.6

vendor:avayamodel:iqscope:eqversion:5.1

Trust: 0.6

vendor:avayamodel:iqscope:eqversion:5

Trust: 0.6

vendor:avayamodel:ip office server editionscope:eqversion:9.0

Trust: 0.6

vendor:avayamodel:ip office server editionscope:eqversion:8.1

Trust: 0.6

vendor:avayamodel:ip office application server spscope:eqversion:9.02

Trust: 0.6

vendor:avayamodel:ip office application server spscope:eqversion:9.01

Trust: 0.6

vendor:avayamodel:ip office application serverscope:eqversion:9.0

Trust: 0.6

vendor:avayamodel:ip office application serverscope:eqversion:8.1

Trust: 0.6

vendor:avayamodel:ip office application serverscope:eqversion:8.0

Trust: 0.6

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:7.5

Trust: 0.6

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:7.0

Trust: 0.6

vendor:avayamodel:communication server 1000mscope:eqversion:7.5

Trust: 0.6

vendor:avayamodel:communication server 1000mscope:eqversion:7.0

Trust: 0.6

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:7.5

Trust: 0.6

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:7.0

Trust: 0.6

vendor:avayamodel:communication server 1000escope:eqversion:7.5

Trust: 0.6

vendor:avayamodel:communication server 1000escope:eqversion:7.0

Trust: 0.6

vendor:avayamodel:cms r17scope: - version: -

Trust: 0.6

vendor:avayamodel:aura system platformscope:eqversion:6.2.1

Trust: 0.6

vendor:avayamodel:aura system platformscope:eqversion:6.0.2

Trust: 0.6

vendor:avayamodel:aura system platformscope:eqversion:6.0.1

Trust: 0.6

vendor:avayamodel:aura system platformscope:eqversion:6.3

Trust: 0.6

vendor:avayamodel:aura system platformscope:eqversion:6.2.1.0.9

Trust: 0.6

vendor:avayamodel:aura system platform sp1scope:eqversion:6.2

Trust: 0.6

vendor:avayamodel:aura system platformscope:eqversion:6.2

Trust: 0.6

vendor:avayamodel:aura system platformscope:eqversion:6.0.3.9.3

Trust: 0.6

vendor:avayamodel:aura system platformscope:eqversion:6.0.3.8.3

Trust: 0.6

vendor:avayamodel:aura system platformscope:eqversion:6.0.3.0.3

Trust: 0.6

vendor:avayamodel:aura system platform sp3scope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura system platform sp2scope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura system platformscope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura system managerscope:eqversion:6.3

Trust: 0.6

vendor:avayamodel:aura system manager sp3scope:eqversion:6.2

Trust: 0.6

vendor:avayamodel:aura system managerscope:eqversion:6.2

Trust: 0.6

vendor:avayamodel:aura system managerscope:eqversion:6.1.5

Trust: 0.6

vendor:avayamodel:aura system managerscope:eqversion:6.1.3

Trust: 0.6

vendor:avayamodel:aura system managerscope:eqversion:6.1.2

Trust: 0.6

vendor:avayamodel:aura system managerscope:eqversion:6.1.1

Trust: 0.6

vendor:avayamodel:aura system manager sp2scope:eqversion:6.1

Trust: 0.6

vendor:avayamodel:aura system manager sp1scope:eqversion:6.1

Trust: 0.6

vendor:avayamodel:aura system managerscope:eqversion:6.1

Trust: 0.6

vendor:avayamodel:aura system manager sp1scope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura system managerscope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura session managerscope:eqversion:6.3.1

Trust: 0.6

vendor:avayamodel:aura session managerscope:eqversion:6.2.1

Trust: 0.6

vendor:avayamodel:aura session managerscope:eqversion:6.1.5

Trust: 0.6

vendor:avayamodel:aura session managerscope:eqversion:6.1.3

Trust: 0.6

vendor:avayamodel:aura session managerscope:eqversion:6.1.2

Trust: 0.6

vendor:avayamodel:aura session managerscope:eqversion:6.1.1

Trust: 0.6

vendor:avayamodel:aura session managerscope:eqversion:6.0.1

Trust: 0.6

vendor:avayamodel:aura session managerscope:eqversion:6.3.3

Trust: 0.6

vendor:avayamodel:aura session managerscope:eqversion:6.3

Trust: 0.6

vendor:avayamodel:aura session managerscope:eqversion:6.2.2

Trust: 0.6

vendor:avayamodel:aura session manager sp1scope:eqversion:6.2

Trust: 0.6

vendor:avayamodel:aura session managerscope:eqversion:6.2

Trust: 0.6

vendor:avayamodel:aura session manager sp2scope:eqversion:6.1

Trust: 0.6

vendor:avayamodel:aura session manager sp1scope:eqversion:6.1

Trust: 0.6

vendor:avayamodel:aura session managerscope:eqversion:6.1

Trust: 0.6

vendor:avayamodel:aura session manager sp1scope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura session managerscope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura presence servicesscope:eqversion:6.1.2

Trust: 0.6

vendor:avayamodel:aura presence servicesscope:eqversion:6.1.1

Trust: 0.6

vendor:avayamodel:aura presence services sp1scope:eqversion:6.1

Trust: 0.6

vendor:avayamodel:aura presence servicesscope:eqversion:6.1

Trust: 0.6

vendor:avayamodel:aura presence servicesscope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura experience portalscope:eqversion:6.0.2

Trust: 0.6

vendor:avayamodel:aura experience portalscope:eqversion:6.0.1

Trust: 0.6

vendor:avayamodel:aura experience portalscope:eqversion:7.0

Trust: 0.6

vendor:avayamodel:aura experience portal sp2scope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura experience portal sp1scope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura experience portalscope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura conferencingscope:eqversion:8.0

Trust: 0.6

vendor:avayamodel:aura conferencingscope:eqversion:7.0

Trust: 0.6

vendor:avayamodel:aura conferencing standardscope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura conferencing sp1 standardscope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura communication managerscope:eqversion:6.3

Trust: 0.6

vendor:avayamodel:aura communication managerscope:eqversion:6.2

Trust: 0.6

vendor:avayamodel:aura communication managerscope:eqversion:6.0.1

Trust: 0.6

vendor:avayamodel:aura communication managerscope:eqversion:6.0

Trust: 0.6

vendor:avayamodel:aura collaboration environmentscope:eqversion:3.0

Trust: 0.6

vendor:avayamodel:aura collaboration environmentscope:eqversion:2.0

Trust: 0.6

vendor:avayamodel:aura application server sip corescope:eqversion:53003.0

Trust: 0.6

vendor:avayamodel:aura application server sip corescope:eqversion:53002.0

Trust: 0.6

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1.2

Trust: 0.6

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1.1

Trust: 0.6

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1

Trust: 0.6

vendor:junipermodel:junos os 14.2r3scope:neversion: -

Trust: 0.6

vendor:junipermodel:junos os 14.1x55-d16scope:neversion: -

Trust: 0.6

vendor:junipermodel:junos os 14.1x50-d90scope:neversion: -

Trust: 0.6

vendor:junipermodel:junos os 14.1r5scope:neversion: -

Trust: 0.6

vendor:junipermodel:junos os 13.3r6scope:neversion: -

Trust: 0.6

vendor:junipermodel:junos os 13.2r8scope:neversion: -

Trust: 0.6

vendor:junipermodel:junos os 12.3x48-d15scope:neversion: -

Trust: 0.6

vendor:junipermodel:junos os 12.3r9scope:neversion: -

Trust: 0.6

vendor:junipermodel:junos os 12.1x47-d20scope:neversion: -

Trust: 0.6

vendor:junipermodel:junos os 12.1x46-d35scope:neversion: -

Trust: 0.6

vendor:junipermodel:junos os 12.1x44-d50scope:neversion: -

Trust: 0.6

vendor:ibmmodel:smartcloud entry fpscope:neversion:3.110

Trust: 0.6

vendor:hpmodel:vcxscope:neversion:9.8.17

Trust: 0.6

vendor:emcmodel:vipr srmscope:neversion:3.6.1

Trust: 0.6

vendor:emcmodel:m&r 6.5u1scope:neversion: -

Trust: 0.6

vendor:ibmmodel:smart analytics systemscope:eqversion:57100

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:20500

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:10500

Trust: 0.3

vendor:ibmmodel:netezza host managementscope:eqversion:5.3.2.0

Trust: 0.3

vendor:ibmmodel:infosphere balanced warehouse c4000scope:eqversion:0

Trust: 0.3

vendor:ibmmodel:infosphere balanced warehouse c3000scope:eqversion:0

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.20

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.1.0

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.0.0

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.2.1.0

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.2.0.0

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.1.0.0

Trust: 0.3

vendor:meinbergmodel:ntpscope:neversion:4.2.8

Trust: 0.3

vendor:meinbergmodel:ntp 4.2.7p11scope:neversion: -

Trust: 0.3

vendor:susemodel:linux enterprise server sp2 ltssscope:eqversion:110

Trust: 0.3

vendor:susemodel:linux enterprise server sp3 for vmwarescope:eqversion:11

Trust: 0.3

vendor:susemodel:linux enterprise server sp3scope:eqversion:11

Trust: 0.3

vendor:susemodel:linux enterprise server sp4 ltssscope:eqversion:10

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp3scope:eqversion:11

Trust: 0.3

vendor:susemodel:opensuse evergreenscope:eqversion:11.4

Trust: 0.3

vendor:susemodel:linux enterprise serverscope:eqversion:12

Trust: 0.3

vendor:susemodel:linux enterprise desktopscope:eqversion:12

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:13.2

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:13.1

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:12.3

Trust: 0.3

vendor:oraclemodel:solarisscope:eqversion:11.2

Trust: 0.3

vendor:oraclemodel:solarisscope:eqversion:11.1

Trust: 0.3

vendor:oraclemodel:solarisscope:eqversion:10

Trust: 0.3

vendor:ibmmodel:real-time compression appliancescope:eqversion:3.8

Trust: 0.3

vendor:ibmmodel:real-time compression appliancescope:eqversion:3.9

Trust: 0.3

vendor:ibmmodel:infosphere guardiumscope:eqversion:9.1

Trust: 0.3

vendor:ibmmodel:infosphere guardiumscope:eqversion:9.0

Trust: 0.3

vendor:ibmmodel:infosphere guardiumscope:eqversion:8.2

Trust: 0.3

vendor:ibmmodel:flex system p460 compute nodescope:eqversion:(7895-43x)0

Trust: 0.3

vendor:ibmmodel:flex system p460scope:eqversion:(7895-42x)0

Trust: 0.3

vendor:ibmmodel:flex system p270 compute nodescope:eqversion:(7954-24x)0

Trust: 0.3

vendor:ibmmodel:flex system p260 compute node /fc efd9scope:eqversion:0

Trust: 0.3

vendor:ibmmodel:flex system p260scope:eqversion:(7895-23x)0

Trust: 0.3

vendor:ibmmodel:flex system p260scope:eqversion:(7895-22x)0

Trust: 0.3

vendor:ibmmodel:flex system p24lscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.2

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.2.1

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.2

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.1

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.1

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.0.1

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.0

Trust: 0.3

vendor:hpmodel:wx5004-ei (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:u200s and cs (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:u200a and m (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:secblade iii (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:secblade fw (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:msr50 g2scope:eqversion:5-0

Trust: 0.3

vendor:hpmodel:msr50scope:eqversion:5-0

Trust: 0.3

vendor:hpmodel:msr30-1xscope:eqversion:5-0

Trust: 0.3

vendor:hpmodel:msr30-16scope:eqversion:5-0

Trust: 0.3

vendor:hpmodel:msr30scope:eqversion:5-0

Trust: 0.3

vendor:hpmodel:msr20-1x (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:msr20-1xscope:eqversion:5-0

Trust: 0.3

vendor:hpmodel:msr20 (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:msr1000 (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:msr (comwarescope:eqversion:9xx5)0

Trust: 0.3

vendor:hpmodel:msr (comwarescope:eqversion:93x5)0

Trust: 0.3

vendor:hpmodel:msr 50-g2 (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:msr (comwarescope:eqversion:505)0

Trust: 0.3

vendor:hpmodel:msr (comwarescope:eqversion:30-1x5)0

Trust: 0.3

vendor:hpmodel:msr (comwarescope:eqversion:30-165)0

Trust: 0.3

vendor:hpmodel:msr (comwarescope:eqversion:305)0

Trust: 0.3

vendor:hpmodel:hsr6800 (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:hsr6602 (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:hp870 (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:hp850 (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:hp830 (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:hp6000 (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:f5000-c/s (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:f5000-a (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:f1000-s-ei (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:f1000-e (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:f1000-a-ei (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:a6600 (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:9500e (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:(comwarescope:eqversion:88005)0

Trust: 0.3

vendor:hpmodel:(comwarescope:eqversion:75005)0

Trust: 0.3

vendor:hpmodel:(comwarescope:eqversion:58305)0

Trust: 0.3

vendor:hpmodel:(comwarescope:eqversion:58205)0

Trust: 0.3

vendor:hpmodel:(comwarescope:eqversion:58005)0

Trust: 0.3

vendor:hpmodel:5500si (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:hi (comwarescope:eqversion:55005)0

Trust: 0.3

vendor:hpmodel:ei (comwarescope:eqversion:55005)0

Trust: 0.3

vendor:hpmodel:si (comwarescope:eqversion:51205)0

Trust: 0.3

vendor:hpmodel:ei (comwarescope:eqversion:51205)0

Trust: 0.3

vendor:hpmodel:4800g (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:4500g (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:4210g (comwarescope:eqversion:5)0

Trust: 0.3

vendor:hpmodel:(comwarescope:eqversion:36105)0

Trust: 0.3

vendor:hpmodel:(comwarescope:eqversion:3600v25)0

Trust: 0.3

vendor:hpmodel:(comwarescope:eqversion:3100v2-485)0

Trust: 0.3

vendor:hpmodel:(comwarescope:eqversion:3100v25)0

Trust: 0.3

vendor:hpmodel:(comwarescope:eqversion:125005)0

Trust: 0.3

vendor:hpmodel:(comwarescope:eqversion:105005)0

Trust: 0.3

vendor:hitachimodel:enterprise server ap8800scope:eqversion:0

Trust: 0.3

vendor:hitachimodel:enterprise server ap7000scope:eqversion:0

Trust: 0.3

vendor:hitachimodel:bladesymphony cb2500 seriesscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:bladesymphony bs2500 seriesscope:eqversion:0

Trust: 0.3

vendor:hitachimodel:bladesymphony bs1000 seriesscope:eqversion:0

Trust: 0.3

vendor:f5model:load balancer big-ip1500scope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.9.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.10.1

Trust: 0.3

vendor:meinbergmodel:network time protocolscope:neversion:4.2.8

Trust: 0.3

vendor:hpmodel:wx5004-ei (comware r2507p35scope:neversion:5)

Trust: 0.3

vendor:hpmodel:vsr (comware r0204p01scope:neversion:7)

Trust: 0.3

vendor:hpmodel:(comware r1513p95scope:neversion:v19105)

Trust: 0.3

vendor:hpmodel:u200s and cs (comware f5123p31scope:neversion:5)

Trust: 0.3

vendor:hpmodel:u200a and m (comware f5123p31scope:neversion:5)

Trust: 0.3

vendor:hpmodel:smb1920 (comware r1106scope:neversion:5)

Trust: 0.3

vendor:hpmodel:smb1910 (comware r1108scope:neversion:5)

Trust: 0.3

vendor:hpmodel:smb (comware r1105scope:neversion:16205)

Trust: 0.3

vendor:hpmodel:secblade iii (comware r3820p03scope:neversion:5)

Trust: 0.3

vendor:hpmodel:secblade fw (comware r3181p05scope:neversion:5)

Trust: 0.3

vendor:hpmodel:msr50 ru r2513l61scope:neversion:5

Trust: 0.3

vendor:hpmodel:msr50 g2 r2513l61scope:neversion:5-

Trust: 0.3

vendor:hpmodel:msr50 epu ru r2513l61scope:neversion:5

Trust: 0.3

vendor:hpmodel:msr50 r2513l61scope:neversion:5-

Trust: 0.3

vendor:hpmodel:msr4000 (comware r0106p31scope:neversion:7)

Trust: 0.3

vendor:hpmodel:msr316 ru r2513l61scope:neversion:5

Trust: 0.3

vendor:hpmodel:msr301x ru r2513l61scope:neversion:5

Trust: 0.3

vendor:hpmodel:msr3000 (comware r0106p31scope:neversion:7)

Trust: 0.3

vendor:hpmodel:msr30-1x r2513l61scope:neversion:5-

Trust: 0.3

vendor:hpmodel:msr30-16 r2513l61scope:neversion:5-

Trust: 0.3

vendor:hpmodel:msr30 ru r2513l61scope:neversion:5

Trust: 0.3

vendor:hpmodel:msr30 r2513l61scope:neversion:5-

Trust: 0.3

vendor:hpmodel:msr2000 (comware r0106p31scope:neversion:7)

Trust: 0.3

vendor:hpmodel:msr20-1x ru r2513l61scope:neversion:5

Trust: 0.3

vendor:hpmodel:msr20-1x (comware r2513p45scope:neversion:5)

Trust: 0.3

vendor:hpmodel:msr20-1x r2513l61scope:neversion:5-

Trust: 0.3

vendor:hpmodel:msr20 ru r2513l61scope:neversion:5

Trust: 0.3

vendor:hpmodel:msr20 (comware r2513p45scope:neversion:5)

Trust: 0.3

vendor:hpmodel:msr20 r2513l61scope:neversion:5-

Trust: 0.3

vendor:hpmodel:msr1000 ru r2513l61scope:neversion:5

Trust: 0.3

vendor:hpmodel:msr1000 (comware r0106p31scope:neversion:7)

Trust: 0.3

vendor:hpmodel:msr1000 (comware r2513p45scope:neversion:5)

Trust: 0.3

vendor:hpmodel:msr (comware r2513p45scope:neversion:9xx5)

Trust: 0.3

vendor:hpmodel:msr (comware r2513p45scope:neversion:93x5)

Trust: 0.3

vendor:hpmodel:msr 50-g2 (comware r2513p45scope:neversion:5)

Trust: 0.3

vendor:hpmodel:msr (comware r2513p45scope:neversion:505)

Trust: 0.3

vendor:hpmodel:msr (comware r2513p45scope:neversion:30-1x5)

Trust: 0.3

vendor:hpmodel:msr (comware r2513p45scope:neversion:30-165)

Trust: 0.3

vendor:hpmodel:msr (comware r2513p45scope:neversion:305)

Trust: 0.3

vendor:hpmodel:hsr6800 ru r3303p18scope:neversion:5

Trust: 0.3

vendor:hpmodel:hsr6800 (comware r3303p18scope:neversion:5)

Trust: 0.3

vendor:hpmodel:hsr6602 ru r3303p18scope:neversion:5

Trust: 0.3

vendor:hpmodel:hsr6602 (comware r3303p18scope:neversion:5)

Trust: 0.3

vendor:hpmodel:hp870 (comware r2607p35scope:neversion:5)

Trust: 0.3

vendor:hpmodel:hp850 (comware r2607p35scope:neversion:5)

Trust: 0.3

vendor:hpmodel:hp830 (comware r3507p35scope:neversion:5)

Trust: 0.3

vendor:hpmodel:hp6000 (comware r2507p35scope:neversion:5)

Trust: 0.3

vendor:hpmodel:f5000-c/s (comware r3811p03scope:neversion:5)

Trust: 0.3

vendor:hpmodel:f5000-a (comware f3210p23scope:neversion:5)

Trust: 0.3

vendor:hpmodel:f1000-s-ei (comware r3734p06scope:neversion:5)

Trust: 0.3

vendor:hpmodel:f1000-e (comware r3181p05scope:neversion:5)

Trust: 0.3

vendor:hpmodel:f1000-a-ei (comware r3734p06scope:neversion:5)

Trust: 0.3

vendor:hpmodel:a6600 (comware r3303p18scope:neversion:5)

Trust: 0.3

vendor:hpmodel:9500e (comware r1828p06scope:neversion:5)

Trust: 0.3

vendor:hpmodel:(comware r3627p04scope:neversion:88005)

Trust: 0.3

vendor:hpmodel:(comware r2122scope:neversion:79007)

Trust: 0.3

vendor:hpmodel:(comware r6708p10scope:neversion:75005)

Trust: 0.3

vendor:hpmodel:ru r3303p18scope:neversion:66025

Trust: 0.3

vendor:hpmodel:rse ru r3303p18scope:neversion:66005

Trust: 0.3

vendor:hpmodel:rpe ru r3303p18scope:neversion:66005

Trust: 0.3

vendor:hpmodel:(comware r2311p06scope:neversion:59207)

Trust: 0.3

vendor:hpmodel:(comware r2311p06scope:neversion:59007)

Trust: 0.3

vendor:hpmodel:(comware r1118p11scope:neversion:58305)

Trust: 0.3

vendor:hpmodel:(comware r1809p03scope:neversion:58205)

Trust: 0.3

vendor:hpmodel:(comware r7006p12scope:neversion:58007)

Trust: 0.3

vendor:hpmodel:(comware r1809p03scope:neversion:58005)

Trust: 0.3

vendor:hpmodel:(comware r2311p06scope:neversion:57007)

Trust: 0.3

vendor:hpmodel:5500si (comware r2221p08scope:neversion:5)

Trust: 0.3

vendor:hpmodel:hi (comware r5501p06scope:neversion:55005)

Trust: 0.3

vendor:hpmodel:(comware r3108p03scope:neversion:51307)

Trust: 0.3

vendor:hpmodel:(comware r1112scope:neversion:129007)

Trust: 0.3

vendor:hpmodel:(comware r7328p04scope:neversion:125007)

Trust: 0.3

vendor:hpmodel:(comware r7169p01scope:neversion:119007)

Trust: 0.3

vendor:hpmodel:(comware r7150scope:neversion:105007)

Trust: 0.3

sources: CERT/CC: VU#852879 // BID: 71757 // BID: 71761 // JVNDB: JVNDB-2014-007350 // NVD: CVE-2014-9293

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-9293
value: HIGH

Trust: 1.0

NVD: CVE-2014-9293
value: MEDIUM

Trust: 0.8

nvd@nist.gov: CVE-2014-9293
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: CVE-2014-9293
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

sources: JVNDB: JVNDB-2014-007350 // NVD: CVE-2014-9293

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-Other

Trust: 0.8

sources: JVNDB: JVNDB-2014-007350 // NVD: CVE-2014-9293

THREAT TYPE

network

Trust: 0.6

sources: BID: 71757 // BID: 71761

TYPE

Design Error

Trust: 0.3

sources: BID: 71757

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-007350

PATCH

title:ntp-4.2.2p1-18.0.1.AXS3url:https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=4191&sType=&sProduct=&published=1

Trust: 0.8

title:ntp-4.2.6p5-2.0.2.AXS4url:https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=4190&sType=&sProduct=&published=1

Trust: 0.8

title:cisco-sa-20141222-ntpdurl:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd

Trust: 0.8

title:HPSBGN03277 SSRT101957url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c04582466

Trust: 0.8

title:HPSBPV03266 SSRT101878url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c04574882

Trust: 0.8

title:NV15-009url:http://jpn.nec.com/security-info/secinfo/nv15-009.html

Trust: 0.8

title:Bug 2665url:http://bugs.ntp.org/show_bug.cgi?id=2665

Trust: 0.8

title:Security Noticeurl:http://support.ntp.org/bin/view/Main/SecurityNotice

Trust: 0.8

title:Changes for ntpd/ntp_config.curl:http://bk1.ntp.org/ntp-dev/ntpd/ntp_config.c?PAGE=diffs&REV=4b6089c5KXhXqZqocF0DMXnQQsjOuw

Trust: 0.8

title:Bug 1176032url:https://bugzilla.redhat.com/show_bug.cgi?id=1176032

Trust: 0.8

title:RHSA-2015:0104url:https://rhn.redhat.com/errata/RHSA-2015-0104.html

Trust: 0.8

title:RHSA-2014:2025url:https://rhn.redhat.com/errata/RHSA-2014-2025.html

Trust: 0.8

title:サーバ・クライアント製品 Network Time Protocol daemon (ntpd)の脆弱性(CVE-2014-9293〜9296)による影響についてurl:http://www.hitachi.co.jp/products/it/server/security/info/vulnerable/ntpd_cve-2014-9293.html

Trust: 0.8

title:cisco-sa-20141222-ntpdurl:http://www.cisco.com/cisco/web/support/JP/112/1127/1127934_cisco-sa-20141222-ntpd-j.html

Trust: 0.8

sources: JVNDB: JVNDB-2014-007350

EXTERNAL IDS

db:CERT/CCid:VU#852879

Trust: 3.3

db:NVDid:CVE-2014-9293

Trust: 3.2

db:BIDid:71757

Trust: 1.3

db:ICS CERTid:ICSA-14-353-01

Trust: 1.1

db:MCAFEEid:SB10103

Trust: 1.0

db:SECUNIAid:62209

Trust: 1.0

db:ICS CERTid:ICSA-14-353-01C

Trust: 0.8

db:JVNid:JVNVU96605606

Trust: 0.8

db:JVNDBid:JVNDB-2014-007350

Trust: 0.8

db:ICS CERTid:ICSA-14-353-01A

Trust: 0.6

db:JUNIPERid:JSA10663

Trust: 0.6

db:BIDid:71761

Trust: 0.3

db:PACKETSTORMid:130140

Trust: 0.1

db:PACKETSTORMid:130481

Trust: 0.1

db:PACKETSTORMid:129686

Trust: 0.1

db:PACKETSTORMid:131356

Trust: 0.1

db:PACKETSTORMid:131149

Trust: 0.1

db:PACKETSTORMid:129680

Trust: 0.1

db:PACKETSTORMid:129693

Trust: 0.1

db:PACKETSTORMid:129684

Trust: 0.1

sources: CERT/CC: VU#852879 // BID: 71757 // BID: 71761 // JVNDB: JVNDB-2014-007350 // PACKETSTORM: 130140 // PACKETSTORM: 130481 // PACKETSTORM: 129686 // PACKETSTORM: 131356 // PACKETSTORM: 131149 // PACKETSTORM: 129680 // PACKETSTORM: 129693 // PACKETSTORM: 129684 // NVD: CVE-2014-9293

REFERENCES

url:http://www.kb.cert.org/vuls/id/852879

Trust: 2.5

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20141222-ntpd

Trust: 2.4

url:http://support.ntp.org/bin/view/main/securitynotice

Trust: 2.0

url:http://advisories.mageia.org/mgasa-2014-0541.html

Trust: 1.9

url:http://lists.ntp.org/pipermail/announce/2014-december/000122.html

Trust: 1.6

url:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Trust: 1.6

url:https://bugzilla.redhat.com/show_bug.cgi?id=1176032

Trust: 1.3

url:http://www.ntp.org/downloads.html

Trust: 1.1

url:https://ics-cert.us-cert.gov/advisories/icsa-14-353-01

Trust: 1.1

url:https://support.apple.com/en-us/ht6601

Trust: 1.1

url:http://rhn.redhat.com/errata/rhsa-2015-0104.html

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9293

Trust: 1.0

url:http://bk1.ntp.org/ntp-dev/ntpd/ntp_config.c?page=diffs&rev=4b6089c5kxhxqzqocf0dmxnqqsjouw

Trust: 1.0

url:http://bugs.ntp.org/show_bug.cgi?id=2665

Trust: 1.0

url:http://marc.info/?l=bugtraq&m=142469153211996&w=2

Trust: 1.0

url:http://marc.info/?l=bugtraq&m=142590659431171&w=2

Trust: 1.0

url:http://marc.info/?l=bugtraq&m=142853370924302&w=2

Trust: 1.0

url:http://marc.info/?l=bugtraq&m=144182594518755&w=2

Trust: 1.0

url:http://rhn.redhat.com/errata/rhsa-2014-2025.html

Trust: 1.0

url:http://secunia.com/advisories/62209

Trust: 1.0

url:http://www.mandriva.com/security/advisories?name=mdvsa-2015:003

Trust: 1.0

url:http://www.securityfocus.com/bid/71757

Trust: 1.0

url:https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04790232

Trust: 1.0

url:https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c04916783

Trust: 1.0

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10103

Trust: 1.0

url:https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8

Trust: 1.0

url:https://rhn.redhat.com/errata/rhsa-2014-2024.html

Trust: 0.9

url:http://support.ntp.org/bin/view/support/accessrestrictions#section_6.5.2

Trust: 0.8

url:http://www.ntp.org/ntpfaq/ntp-s-algo-crypt.htm

Trust: 0.8

url:http://googleprojectzero.blogspot.com/2015/01/finding-and-exploiting-ntpd.html

Trust: 0.8

url:https://support.f5.com/kb/en-us/solutions/public/15000/900/sol15936.html

Trust: 0.8

url:https://www.freebsd.org/security/advisories/freebsd-sa-15:07.ntp.asc

Trust: 0.8

url:https://ics-cert.us-cert.gov/advisories/icsa-14-353-01c

Trust: 0.8

url:http://jvn.jp/vu/jvnvu96605606/index.html

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9293

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2014-9294

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2014-9295

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2014-9293

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2014-9296

Trust: 0.8

url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10663&cat=sirt_1&actp=list

Trust: 0.6

url:http://www.huawei.com/en/security/psirt/security-bulletins/security-notices/archive/hw-408044.htm

Trust: 0.6

url:https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04574882

Trust: 0.6

url:https://downloads.avaya.com/css/p8/documents/101006439

Trust: 0.6

url:http://support.citrix.com/article/ctx200355

Trust: 0.6

url:http://seclists.org/bugtraq/2015/jan/att-97/esa-2015-004.txt

Trust: 0.6

url:https://www.freebsd.org/security/advisories/freebsd-sa-14:31.ntp.asc

Trust: 0.6

url:https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04582466

Trust: 0.6

url:https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c04916783

Trust: 0.6

url:http://seclists.org/bugtraq/2015/sep/41

Trust: 0.6

url:https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04554677

Trust: 0.6

url:http://www-01.ibm.com/support/docview.wss?uid=swg21966675

Trust: 0.6

url:http://www-01.ibm.com/support/docview.wss?uid=swg21967791

Trust: 0.6

url:http://www-01.ibm.com/support/docview.wss?uid=swg21696755

Trust: 0.6

url:https://ics-cert.us-cert.gov/advisories/icsa-14-353-01a

Trust: 0.6

url:http://aix.software.ibm.com/aix/efixes/security/ntp_advisory2.asc

Trust: 0.6

url:https://downloads.avaya.com/css/p8/documents/101006440

Trust: 0.6

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1022036

Trust: 0.6

url:http://www-01.ibm.com/support/docview.wss?uid=isg1ssrvpoaix71security150210-1549

Trust: 0.6

url:http://www-01.ibm.com/support/docview.wss?uid=swg21696812

Trust: 0.6

url:http://www-01.ibm.com/support/docview.wss?uid=nas8n1020645

Trust: 0.6

url:https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097490

Trust: 0.6

url:http://www.hitachi.co.jp/products/it/server/security/global/info/vulnerable/ntpd_cve-2014-9293.html

Trust: 0.6

url:http://www-01.ibm.com/support/docview.wss?uid=swg21699578

Trust: 0.3

url:https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097484

Trust: 0.3

url:https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_ntp

Trust: 0.3

url:http://www.ntp.org/

Trust: 0.3

url:https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5097113

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1022073

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21698473

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005067

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2014-9297

Trust: 0.3

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2014-9295

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2014-9294

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2014-9293

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2014-9296

Trust: 0.2

url:https://bugzilla.redhat.com/):

Trust: 0.2

url:https://access.redhat.com/security/team/key/

Trust: 0.2

url:https://access.redhat.com/articles/11258

Trust: 0.2

url:https://access.redhat.com/security/team/contact/

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.2

url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/

Trust: 0.2

url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/

Trust: 0.2

url:http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

Trust: 0.2

url:https://www.hp.com/go/swa

Trust: 0.2

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9294

Trust: 0.2

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9296

Trust: 0.2

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9295

Trust: 0.2

url:http://www.debian.org/security/

Trust: 0.2

url:https://h20392.www2.hp.com/portal/sw

Trust: 0.1

url:http://h20565.www2.hp.com/portal/site/hpsc?

Trust: 0.1

url:https://h20392.www2.hp.com/portal/swdepot/displayproductinfo.do?productnumber

Trust: 0.1

url:http://www.mandriva.com/en/support/security/

Trust: 0.1

url:http://www.mandriva.com/en/support/security/advisories/

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9297

Trust: 0.1

url:http://advisories.mageia.org/mgasa-2015-0063.html

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9298

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-9298

Trust: 0.1

url:http://www.debian.org/security/faq

Trust: 0.1

url:http://slackware.com

Trust: 0.1

url:http://osuosl.org)

Trust: 0.1

url:http://slackware.com/gpg-key

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu2.14.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p3+dfsg-1ubuntu3.2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu2.14.10.1

Trust: 0.1

url:http://www.ubuntu.com/usn/usn-2449-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/ntp/1:4.2.4p8+dfsg-1ubuntu2.2

Trust: 0.1

sources: CERT/CC: VU#852879 // BID: 71757 // BID: 71761 // JVNDB: JVNDB-2014-007350 // PACKETSTORM: 130140 // PACKETSTORM: 130481 // PACKETSTORM: 129686 // PACKETSTORM: 131356 // PACKETSTORM: 131149 // PACKETSTORM: 129680 // PACKETSTORM: 129693 // PACKETSTORM: 129684 // NVD: CVE-2014-9293

CREDITS

Neel Mehta of the Google Security Team.

Trust: 0.3

sources: BID: 71757

SOURCES

db:CERT/CCid:VU#852879
db:BIDid:71757
db:BIDid:71761
db:JVNDBid:JVNDB-2014-007350
db:PACKETSTORMid:130140
db:PACKETSTORMid:130481
db:PACKETSTORMid:129686
db:PACKETSTORMid:131356
db:PACKETSTORMid:131149
db:PACKETSTORMid:129680
db:PACKETSTORMid:129693
db:PACKETSTORMid:129684
db:NVDid:CVE-2014-9293

LAST UPDATE DATE

2024-11-22T19:52:03.679000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#852879date:2015-10-27T00:00:00
db:BIDid:71757date:2016-10-26T05:10:00
db:BIDid:71761date:2016-10-26T04:13:00
db:JVNDBid:JVNDB-2014-007350date:2017-03-09T00:00:00
db:NVDid:CVE-2014-9293date:2021-11-17T22:15:37.470

SOURCES RELEASE DATE

db:CERT/CCid:VU#852879date:2014-12-19T00:00:00
db:BIDid:71757date:2014-12-19T00:00:00
db:BIDid:71761date:2014-12-19T00:00:00
db:JVNDBid:JVNDB-2014-007350date:2014-12-24T00:00:00
db:PACKETSTORMid:130140date:2015-01-29T06:07:22
db:PACKETSTORMid:130481date:2015-02-19T19:22:00
db:PACKETSTORMid:129686date:2014-12-22T17:16:27
db:PACKETSTORMid:131356date:2015-04-09T16:21:15
db:PACKETSTORMid:131149date:2015-03-30T21:48:37
db:PACKETSTORMid:129680date:2014-12-22T17:15:01
db:PACKETSTORMid:129693date:2014-12-23T15:41:03
db:PACKETSTORMid:129684date:2014-12-22T17:16:05
db:NVDid:CVE-2014-9293date:2014-12-20T02:59:00.053