ID

VAR-201708-1547


CVE

CVE-2015-7704


TITLE

NTP.org ntpd contains multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#718152

DESCRIPTION

The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. The NTP.org reference implementation of ntpd contains multiple vulnerabilities. NTP Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Network Time Protocol is prone to a denial-of-service vulnerability. An attacker can leverage this issue to cause a denial-of-service condition. Oracle Integrated Lights Out Manager is prone to a remote security vulnerability in ILOM. The vulnerability can be exploited over the 'SSH' protocol. The 'SSH' sub component is affected. This vulnerability affects the following supported versions: 3.0, 3.1, 3.2 NOTE: This BID is being retired as it is a duplicate of BID 75990 (OpenSSH Login Handling Security Bypass Weakness). Summary: Updated ntp packages that fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. (CVE-2015-7704) It was found that ntpd did not correctly implement the threshold limitation for the '-g' option, which is used to set the time without any restrictions. A man-in-the-middle attacker able to intercept NTP traffic between a connecting client and an NTP server could use this flaw to force that client to make multiple steps larger than the panic threshold, effectively changing the time to an arbitrary value. (CVE-2015-5300) Red Hat would like to thank Aanchal Malhotra, Isaac E. Cohen, and Sharon Goldberg of Boston University for reporting these issues. All ntp users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1271070 - CVE-2015-7704 ntp: disabling synchronization via crafted KoD packet 1271076 - CVE-2015-5300 ntp: MITM attacker can force ntpd to make a step larger than the panic threshold 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ntp-4.2.6p5-5.el6_7.2.src.rpm i386: ntp-4.2.6p5-5.el6_7.2.i686.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm ntpdate-4.2.6p5-5.el6_7.2.i686.rpm x86_64: ntp-4.2.6p5-5.el6_7.2.x86_64.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm ntpdate-4.2.6p5-5.el6_7.2.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: ntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm ntp-perl-4.2.6p5-5.el6_7.2.i686.rpm noarch: ntp-doc-4.2.6p5-5.el6_7.2.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm ntp-perl-4.2.6p5-5.el6_7.2.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ntp-4.2.6p5-5.el6_7.2.src.rpm x86_64: ntp-4.2.6p5-5.el6_7.2.x86_64.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm ntpdate-4.2.6p5-5.el6_7.2.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): noarch: ntp-doc-4.2.6p5-5.el6_7.2.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm ntp-perl-4.2.6p5-5.el6_7.2.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ntp-4.2.6p5-5.el6_7.2.src.rpm i386: ntp-4.2.6p5-5.el6_7.2.i686.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm ntpdate-4.2.6p5-5.el6_7.2.i686.rpm ppc64: ntp-4.2.6p5-5.el6_7.2.ppc64.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.ppc64.rpm ntpdate-4.2.6p5-5.el6_7.2.ppc64.rpm s390x: ntp-4.2.6p5-5.el6_7.2.s390x.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.s390x.rpm ntpdate-4.2.6p5-5.el6_7.2.s390x.rpm x86_64: ntp-4.2.6p5-5.el6_7.2.x86_64.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm ntpdate-4.2.6p5-5.el6_7.2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: ntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm ntp-perl-4.2.6p5-5.el6_7.2.i686.rpm noarch: ntp-doc-4.2.6p5-5.el6_7.2.noarch.rpm ppc64: ntp-debuginfo-4.2.6p5-5.el6_7.2.ppc64.rpm ntp-perl-4.2.6p5-5.el6_7.2.ppc64.rpm s390x: ntp-debuginfo-4.2.6p5-5.el6_7.2.s390x.rpm ntp-perl-4.2.6p5-5.el6_7.2.s390x.rpm x86_64: ntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm ntp-perl-4.2.6p5-5.el6_7.2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ntp-4.2.6p5-5.el6_7.2.src.rpm i386: ntp-4.2.6p5-5.el6_7.2.i686.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm ntpdate-4.2.6p5-5.el6_7.2.i686.rpm x86_64: ntp-4.2.6p5-5.el6_7.2.x86_64.rpm ntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm ntpdate-4.2.6p5-5.el6_7.2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: ntp-debuginfo-4.2.6p5-5.el6_7.2.i686.rpm ntp-perl-4.2.6p5-5.el6_7.2.i686.rpm noarch: ntp-doc-4.2.6p5-5.el6_7.2.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-5.el6_7.2.x86_64.rpm ntp-perl-4.2.6p5-5.el6_7.2.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: ntp-4.2.6p5-19.el7_1.3.src.rpm x86_64: ntp-4.2.6p5-19.el7_1.3.x86_64.rpm ntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm ntpdate-4.2.6p5-19.el7_1.3.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: ntp-doc-4.2.6p5-19.el7_1.3.noarch.rpm ntp-perl-4.2.6p5-19.el7_1.3.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm sntp-4.2.6p5-19.el7_1.3.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: ntp-4.2.6p5-19.el7_1.3.src.rpm x86_64: ntp-4.2.6p5-19.el7_1.3.x86_64.rpm ntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm ntpdate-4.2.6p5-19.el7_1.3.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: ntp-doc-4.2.6p5-19.el7_1.3.noarch.rpm ntp-perl-4.2.6p5-19.el7_1.3.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm sntp-4.2.6p5-19.el7_1.3.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: ntp-4.2.6p5-19.el7_1.3.src.rpm ppc64: ntp-4.2.6p5-19.el7_1.3.ppc64.rpm ntp-debuginfo-4.2.6p5-19.el7_1.3.ppc64.rpm ntpdate-4.2.6p5-19.el7_1.3.ppc64.rpm s390x: ntp-4.2.6p5-19.el7_1.3.s390x.rpm ntp-debuginfo-4.2.6p5-19.el7_1.3.s390x.rpm ntpdate-4.2.6p5-19.el7_1.3.s390x.rpm x86_64: ntp-4.2.6p5-19.el7_1.3.x86_64.rpm ntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm ntpdate-4.2.6p5-19.el7_1.3.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: ntp-4.2.6p5-19.ael7b_1.3.src.rpm ppc64le: ntp-4.2.6p5-19.ael7b_1.3.ppc64le.rpm ntp-debuginfo-4.2.6p5-19.ael7b_1.3.ppc64le.rpm ntpdate-4.2.6p5-19.ael7b_1.3.ppc64le.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: ntp-doc-4.2.6p5-19.el7_1.3.noarch.rpm ntp-perl-4.2.6p5-19.el7_1.3.noarch.rpm ppc64: ntp-debuginfo-4.2.6p5-19.el7_1.3.ppc64.rpm sntp-4.2.6p5-19.el7_1.3.ppc64.rpm s390x: ntp-debuginfo-4.2.6p5-19.el7_1.3.s390x.rpm sntp-4.2.6p5-19.el7_1.3.s390x.rpm x86_64: ntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm sntp-4.2.6p5-19.el7_1.3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: ntp-doc-4.2.6p5-19.ael7b_1.3.noarch.rpm ntp-perl-4.2.6p5-19.ael7b_1.3.noarch.rpm ppc64le: ntp-debuginfo-4.2.6p5-19.ael7b_1.3.ppc64le.rpm sntp-4.2.6p5-19.ael7b_1.3.ppc64le.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: ntp-4.2.6p5-19.el7_1.3.src.rpm x86_64: ntp-4.2.6p5-19.el7_1.3.x86_64.rpm ntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm ntpdate-4.2.6p5-19.el7_1.3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: ntp-doc-4.2.6p5-19.el7_1.3.noarch.rpm ntp-perl-4.2.6p5-19.el7_1.3.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-19.el7_1.3.x86_64.rpm sntp-4.2.6p5-19.el7_1.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-5300 https://access.redhat.com/security/cve/CVE-2015-7704 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201607-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: NTP: Multiple vulnerabilities Date: July 20, 2016 Bugs: #563774, #572452, #581528, #584954 ID: 201607-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in NTP, the worst of which could lead to Denial of Service. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/ntp < 4.2.8_p8 >= 4.2.8_p8 Description =========== Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details. Resolution ========== All NTP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/ntp-4.2.8_p8" References ========== [ 1 ] CVE-2015-7691 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7691 [ 2 ] CVE-2015-7692 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7692 [ 3 ] CVE-2015-7701 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7701 [ 4 ] CVE-2015-7702 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7702 [ 5 ] CVE-2015-7703 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7703 [ 6 ] CVE-2015-7704 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7704 [ 7 ] CVE-2015-7705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7705 [ 8 ] CVE-2015-7848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7848 [ 9 ] CVE-2015-7849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7849 [ 10 ] CVE-2015-7850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7850 [ 11 ] CVE-2015-7851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7851 [ 12 ] CVE-2015-7852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7852 [ 13 ] CVE-2015-7853 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7853 [ 14 ] CVE-2015-7854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7854 [ 15 ] CVE-2015-7855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7855 [ 16 ] CVE-2015-7871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7871 [ 17 ] CVE-2015-7973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7973 [ 18 ] CVE-2015-7974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7974 [ 19 ] CVE-2015-7975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7975 [ 20 ] CVE-2015-7976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7976 [ 21 ] CVE-2015-7977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7977 [ 22 ] CVE-2015-7978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7978 [ 23 ] CVE-2015-7979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7979 [ 24 ] CVE-2015-8138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8138 [ 25 ] CVE-2015-8139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8139 [ 26 ] CVE-2015-8140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8140 [ 27 ] CVE-2015-8158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8158 [ 28 ] CVE-2016-1547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1547 [ 29 ] CVE-2016-1548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1548 [ 30 ] CVE-2016-1549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1549 [ 31 ] CVE-2016-1550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1550 [ 32 ] CVE-2016-1551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1551 [ 33 ] CVE-2016-2516 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2516 [ 34 ] CVE-2016-2517 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2517 [ 35 ] CVE-2016-2518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2518 [ 36 ] CVE-2016-2519 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2519 [ 37 ] CVE-2016-4953 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4953 [ 38 ] CVE-2016-4954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4954 [ 39 ] CVE-2016-4955 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4955 [ 40 ] CVE-2016-4956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4956 [ 41 ] CVE-2016-4957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4957 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201607-15 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . Release Date: 2016-09-21 Last Updated: 2016-09-21 Potential Security Impact: Multiple Remote Vulnerabilities Source: Hewlett Packard Enterprise, Product Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities in NTP have been addressed with HPE Comware 7 (CW7) network products. References: - CVE-2015-7704 - CVE-2015-7705 - CVE-2015-7855 - CVE-2015-7871 - PSRT110228 - SSRT102943 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. - Comware 7 (CW7) Products - Please refer to the RESOLUTION below for a list of impacted products. All product versions are impacted prior to the fixed versions listed. BACKGROUND CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector CVE-2015-7704 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 6.4 (AV:N/AC:L/Au:N/C:N/I:P/A:P) CVE-2015-7705 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 6.4 (AV:N/AC:L/Au:N/C:N/I:P/A:P) CVE-2015-7855 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L 6.4 (AV:N/AC:L/Au:N/C:N/I:P/A:P) CVE-2015-7871 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N) Information on CVSS is documented in HPE Customer Notice HPSN-2008-002 here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499 RESOLUTION HPE has released the following software updates to resolve the vulnerabilities in HPE Comware 7 network products. **COMWARE 7 Products** + **12500 (Comware 7) - Version: R7377** * HP Network Products - JC072B HP 12500 Main Processing Unit - JC085A HP A12518 Switch Chassis - JC086A HP A12508 Switch Chassis - JC652A HP 12508 DC Switch Chassis - JC653A HP 12518 DC Switch Chassis - JC654A HP 12504 AC Switch Chassis - JC655A HP 12504 DC Switch Chassis - JF430A HP A12518 Switch Chassis - JF430B HP 12518 Switch Chassis - JF430C HP 12518 AC Switch Chassis - JF431A HP A12508 Switch Chassis - JF431B HP 12508 Switch Chassis - JF431C HP 12508 AC Switch Chassis - JG497A HP 12500 MPU w/Comware V7 OS - JG782A HP FF 12508E AC Switch Chassis - JG783A HP FF 12508E DC Switch Chassis - JG784A HP FF 12518E AC Switch Chassis - JG785A HP FF 12518E DC Switch Chassis - JG802A HP FF 12500E MPU + **10500 (Comware 7) - Version: R7178** * HP Network Products - JC611A HP 10508-V Switch Chassis - JC612A HP 10508 Switch Chassis - JC613A HP 10504 Switch Chassis - JC748A HP 10512 Switch Chassis - JG608A HP FlexFabric 11908-V Switch Chassis - JG609A HP FlexFabric 11900 Main Processing Unit - JG820A HP 10504 TAA Switch Chassis - JG821A HP 10508 TAA Switch Chassis - JG822A HP 10508-V TAA Switch Chassis - JG823A HP 10512 TAA Switch Chassis - JG496A HP 10500 Type A MPU w/Comware v7 OS - JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System - JH206A HP 10500 Type D TAA-compliant with Comware v7 Operating System Main Processing Unit + **12900 (Comware 7) - Version: R1138P03** * HP Network Products - JG619A HP FlexFabric 12910 Switch AC Chassis - JG621A HP FlexFabric 12910 Main Processing Unit - JG632A HP FlexFabric 12916 Switch AC Chassis - JG634A HP FlexFabric 12916 Main Processing Unit - JH104A HP FlexFabric 12900E Main Processing Unit - JH114A HP FlexFabric 12910 TAA-compliant Main Processing Unit - JH263A HP FlexFabric 12904E Main Processing Unit - JH255A HP FlexFabric 12908E Switch Chassis - JH262A HP FlexFabric 12904E Switch Chassis - JH113A HP FlexFabric 12910 TAA-compliant Switch AC Chassis - JH103A HP FlexFabric 12916E Switch Chassis + **5900 (Comware 7) - Version: R2422P02** * HP Network Products - JC772A HP 5900AF-48XG-4QSFP+ Switch - JG296A HP 5920AF-24XG Switch - JG336A HP 5900AF-48XGT-4QSFP+ Switch - JG510A HP 5900AF-48G-4XG-2QSFP+ Switch - JG554A HP 5900AF-48XG-4QSFP+ TAA Switch - JG555A HP 5920AF-24XG TAA Switch - JG838A HP FF 5900CP-48XG-4QSFP+ Switch - JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant - JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch - JH038A HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant + **MSR1000 (Comware 7) - Version: R0305P08** * HP Network Products - JG875A HP MSR1002-4 AC Router - JH060A HP MSR1003-8S AC Router + **MSR2000 (Comware 7) - Version: R0305P08** * HP Network Products - JG411A HP MSR2003 AC Router - JG734A HP MSR2004-24 AC Router - JG735A HP MSR2004-48 Router - JG866A HP MSR2003 TAA-compliant AC Router + **MSR3000 (Comware 7) - Version: R0305P08** * HP Network Products - JG404A HP MSR3064 Router - JG405A HP MSR3044 Router - JG406A HP MSR3024 AC Router - JG407A HP MSR3024 DC Router - JG408A HP MSR3024 PoE Router - JG409A HP MSR3012 AC Router - JG410A HP MSR3012 DC Router - JG861A HP MSR3024 TAA-compliant AC Router + **MSR4000 (Comware 7) - Version: R0305P08** * HP Network Products - JG402A HP MSR4080 Router Chassis - JG403A HP MSR4060 Router Chassis - JG412A HP MSR4000 MPU-100 Main Processing Unit - JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit + **VSR (Comware 7) - Version: E0322** * HP Network Products - JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software - JG811AAE HP VSR1001 Comware 7 Virtual Services Router - JG812AAE HP VSR1004 Comware 7 Virtual Services Router - JG813AAE HP VSR1008 Comware 7 Virtual Services Router + **7900 (Comware 7) - Version: R2138P03** * HP Network Products - JG682A HP FlexFabric 7904 Switch Chassis - JG841A HP FlexFabric 7910 Switch Chassis - JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit - JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit - JH122A HP FlexFabric 7904 TAA-compliant Switch Chassis - JH123A HP FlexFabric 7910 TAA-compliant Switch Chassis - JH124A HP FlexFabric 7910 7.2Tbps TAA-compliant Fabric/Main Processing Unit - JH125A HP FlexFabric 7910 2.4Tbps TAA-compliant Fabric/Main Processing Unit + **5130 (Comware 7) - Version: R3111P03** * HP Network Products - JG932A HP 5130-24G-4SFP+ EI Switch - JG933A HP 5130-24G-SFP-4SFP+ EI Switch - JG934A HP 5130-48G-4SFP+ EI Switch - JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch - JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch - JG938A HP 5130-24G-2SFP+-2XGT EI Switch - JG939A HP 5130-48G-2SFP+-2XGT EI Switch - JG940A HP 5130-24G-PoE+-2SFP+-2XGT (370W) EI Switch - JG941A HP 5130-48G-PoE+-2SFP+-2XGT (370W) EI Switch - JG975A HP 5130-24G-4SFP+ EI Brazil Switch - JG976A HP 5130-48G-4SFP+ EI Brazil Switch - JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch - JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch + **5700 (Comware 7) - Version: R2422P02** * HP Network Products - JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch - JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch - JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch - JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch - JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch - JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch + **5930 (Comware 7) - Version: R2422P02** * HP Network Products - JG726A HP FlexFabric 5930 32QSFP+ Switch - JG727A HP FlexFabric 5930 32QSFP+ TAA-compliant Switch - JH178A HP FlexFabric 5930 2QSFP+ 2-slot Switch - JH179A HP FlexFabric 5930 4-slot Switch - JH187A HP FlexFabric 5930 2QSFP+ 2-slot TAA-compliant Switch - JH188A HP FlexFabric 5930 4-slot TAA-compliant Switch + **HSR6600 (Comware 7) - Version: R7103P07** * HP Network Products - JG353A HP HSR6602-G Router - JG354A HP HSR6602-XG Router - JG776A HP HSR6602-G TAA-compliant Router - JG777A HP HSR6602-XG TAA-compliant Router + **HSR6800 (Comware 7) - Version: R7103P07** * HP Network Products - JG361A HP HSR6802 Router Chassis - JG361B HP HSR6802 Router Chassis - JG362A HP HSR6804 Router Chassis - JG362B HP HSR6804 Router Chassis - JG363A HP HSR6808 Router Chassis - JG363B HP HSR6808 Router Chassis - JG364A HP HSR6800 RSE-X2 Router Main Processing Unit - JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing - JH075A HP HSR6800 RSE-X3 Router Main Processing Unit + **1950 (Comware 7) - Version: R3111P03** * HP Network Products - JG960A HP 1950-24G-4XG Switch - JG961A HP 1950-48G-2SFP+-2XGT Switch - JG962A HP 1950-24G-2SFP+-2XGT-PoE+(370W) Switch - JG963A HP 1950-48G-2SFP+-2XGT-PoE+(370W) Switch + **7500 (Comware 7) - Version: R7178** * HP Network Products - JD238C HP 7510 Switch Chassis - JD239C HP 7506 Switch Chassis - JD240C HP 7503 Switch Chassis - JD242C HP 7502 Switch Chassis - JH207A HP 7500 1.2Tbps Fabric with 2-port 40GbE QSFP+ for IRF-Only Main Processing Unit - JH208A HP 7502 Main Processing Unit - JH209A HP 7500 2.4Tbps Fabric with 8-port 1/10GbE SFP+ and 2-port 40GbE QSFP+ Main Processing Unit + **5130HI - Version: R1118P02** * HP Network Products - JH323A HPE 5130 24G 4SFP+ 1-slot HI Switch - JH324A HPE 5130 48G 4SFP+ 1-slot HI Switch - JH325A HPE 5130 24G PoE+ 4SFP+ 1-slot HI Switch - JH326A HPE 5130 48G PoE+ 4SFP+ 1-slot HI Switch + **5510HI - Version: R1118P02** * HP Network Products - JH145A HPE 5510 24G 4SFP+ HI 1-slot Switch - JH146A HPE 5510 48G 4SFP+ HI 1-slot Switch - JH147A HPE 5510 24G PoE+ 4SFP+ HI 1-slot Switch - JH148A HPE 5510 48G PoE+ 4SFP+ HI 1-slot Switch - JH149A HPE 5510 24G SFP 4SFP+ HI 1-slot Switch **Note:** Please contact HPE Technical Support if any assistance is needed acquiring the software updates. HISTORY Version:1 (rev.1) - 21 September 2016 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com. Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX Copyright 2016 Hewlett Packard Enterprise Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-15:25.ntp Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities of ntp Category: contrib Module: ntp Announced: 2015-10-26 Credits: Network Time Foundation Affects: All supported versions of FreeBSD. Corrected: 2015-10-26 11:35:40 UTC (stable/10, 10.2-STABLE) 2015-10-26 11:36:55 UTC (releng/10.2, 10.2-RELEASE-p6) 2015-10-26 11:37:31 UTC (releng/10.1, 10.1-RELEASE-p23) 2015-10-26 11:36:40 UTC (stable/9, 9.3-STABLE) 2015-10-26 11:42:25 UTC (releng/9.3, 9.3-RELEASE-p29) CVE Name: CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851, CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855, CVE-2015-7871 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit https://security.FreeBSD.org/. I. II. Problem Description Crypto-NAK packets can be used to cause ntpd(8) to accept time from an unauthenticated ephemeral symmetric peer by bypassing the authentication required to mobilize peer associations. [CVE-2015-7871] FreeBSD 9.3 and 10.1 are not affected. If ntpd(8) is fed a crafted mode 6 or mode 7 packet containing an unusual long data value where a network address is expected, the decodenetnum() function will abort with an assertion failure instead of simply returning a failure condition. [CVE-2015-7855] If ntpd(8) is configured to allow remote configuration, and if the (possibly spoofed) source IP address is allowed to send remote configuration requests, and if the attacker knows the remote configuration password or if ntpd(8) was configured to disable authentication, then an attacker can send a set of packets to ntpd(8) that may cause it to crash, with the hypothetical possibility of a small code injection. [CVE-2015-7854] A negative value for the datalen parameter will overflow a data buffer. NTF's ntpd(8) driver implementations always set this value to 0 and are therefore not vulnerable to this weakness. If you are running a custom refclock driver in ntpd(8) and that driver supplies a negative value for datalen (no custom driver of even minimal competence would do this) then ntpd would overflow a data buffer. It is even hypothetically possible in this case that instead of simply crashing ntpd the attacker could effect a code injection attack. [CVE-2015-7853] If an attacker can figure out the precise moment that ntpq(8) is listening for data and the port number it is listening on or if the attacker can provide a malicious instance ntpd(8) that victims will connect to then an attacker can send a set of crafted mode 6 response packets that, if received by ntpq(8), can cause ntpq(8) to crash. [CVE-2015-7852] If ntpd(8) is configured to allow remote configuration, and if the (possibly spoofed) IP address is allowed to send remote configuration requests, and if the attacker knows the remote configuration password or if ntpd(8) was configured to disable authentication, then an attacker can send a set of packets to ntpd that may cause ntpd(8) to overwrite files. [CVE-2015-7851]. The default configuration of ntpd(8) within FreeBSD does not allow remote configuration. If ntpd(8) is configured to allow remote configuration, and if the (possibly spoofed) source IP address is allowed to send remote configuration requests, and if the attacker knows the remote configuration password or if ntpd(8) was configured to disable authentication, then an attacker can send a set of packets to ntpd that will cause it to crash and/or create a potentially huge log file. Specifically, the attacker could enable extended logging, point the key file at the log file, and cause what amounts to an infinite loop. [CVE-2015-7850]. The default configuration of ntpd(8) within FreeBSD does not allow remote configuration. If ntpd(8) is configured to allow remote configuration, and if the (possibly spoofed) source IP address is allowed to send remote configuration requests, and if the attacker knows the remote configuration password or if ntpd was configured to disable authentication, then an attacker can send a set of packets to ntpd that may cause a crash or theoretically perform a code injection attack. [CVE-2015-7849]. The default configuration of ntpd(8) within FreeBSD does not allow remote configuration. If ntpd(8) is configured to enable mode 7 packets, and if the use of mode 7 packets is not properly protected thru the use of the available mode 7 authentication and restriction mechanisms, and if the (possibly spoofed) source IP address is allowed to send mode 7 queries, then an attacker can send a crafted packet to ntpd that will cause it to crash. [CVE-2015-7848]. The default configuration of ntpd(8) within FreeBSD does not allow mode 7 packets. If ntpd(8) is configured to use autokey, then an attacker can send packets to ntpd that will, after several days of ongoing attack, cause it to run out of memory. [CVE-2015-7701]. The default configuration of ntpd(8) within FreeBSD does not use autokey. If ntpd(8) is configured to allow for remote configuration, and if the (possibly spoofed) source IP address is allowed to send remote configuration requests, and if the attacker knows the remote configuration password, it's possible for an attacker to use the "pidfile" or "driftfile" directives to potentially overwrite other files. [CVE-2015-5196]. The default configuration of ntpd(8) within FreeBSD does not allow remote configuration An ntpd(8) client that honors Kiss-of-Death responses will honor KoD messages that have been forged by an attacker, causing it to delay or stop querying its servers for time updates. Also, an attacker can forge packets that claim to be from the target and send them to servers often enough that a server that implements KoD rate limiting will send the target machine a KoD response to attempt to reduce the rate of incoming packets, or it may also trigger a firewall block at the server for packets from the target machine. For either of these attacks to succeed, the attacker must know what servers the target is communicating with. An attacker can be anywhere on the Internet and can frequently learn the identity of the target's time source by sending the target a time query. [CVE-2015-7704] The fix for CVE-2014-9750 was incomplete in that there were certain code paths where a packet with particular autokey operations that contained malicious data was not always being completely validated. Receipt of these packets can cause ntpd to crash. [CVE-2015-7702]. The default configuration of ntpd(8) within FreeBSD does not use autokey. III. Impact An attacker which can send NTP packets to ntpd(8), which uses cryptographic authentication of NTP data, may be able to inject malicious time data causing the system clock to be set incorrectly. [CVE-2015-7871] An attacker which can send NTP packets to ntpd(8), can block the communication of the daemon with time servers, causing the system clock not being synchronized. [CVE-2015-7704] An attacker which can send NTP packets to ntpd(8), can remotely crash the daemon, sending malicious data packet. [CVE-2015-7855] [CVE-2015-7854] [CVE-2015-7853] [CVE-2015-7852] [CVE-2015-7849] [CVE-2015-7848] An attacker which can send NTP packets to ntpd(8), can remotely trigger the daemon to overwrite its configuration files. [CVE-2015-7851] [CVE-2015-5196] IV. Workaround No workaround is available, but systems not running ntpd(8) are not affected. Network administrators are advised to implement BCP-38, which helps to reduce risk associated with the attacks. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. The ntpd service has to be restarted after the update. A reboot is recommended but not required. 2) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install The ntpd service has to be restarted after the update. A reboot is recommended but not required. 3) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 10.2] # fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-102.patch.bz2 # bunzip2 ntp-102.patch.bz2 # fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-102.patch.asc # gpg --verify ntp-102.patch.asc [FreeBSD 10.1] # fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-101.patch.bz2 # bunzip2 ntp-101.patch.bz2 # fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-101.patch.asc # gpg --verify ntp-101.patch.asc [FreeBSD 9.3] # fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-93.patch.bz2 # bunzip2 ntp-93.patch.bz2 # fetch https://security.FreeBSD.org/patches/SA-15:25/ntp-93.patch.asc # gpg --verify ntp-93.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch # find contrib/ntp -type f -empty -delete c) Recompile the operating system using buildworld and installworld as described in https://www.FreeBSD.org/handbook/makeworld.html. d) For 9.3-RELEASE and 10.1-RELEASE an update to /etc/ntp.conf is recommended, which can be done with help of the mergemaster(8) tool on 9.3-RELEASE and with help of the etcupdate(8) tool on 10.1-RELEASE. Restart the ntpd(8) daemon, or reboot the system. VI. Correction details The following list contains the correction revision numbers for each affected branch. Branch/path Revision - ------------------------------------------------------------------------- stable/9/ r289998 releng/9.3/ r290001 stable/10/ r289997 releng/10.1/ r290000 releng/10.2/ r289999 - ------------------------------------------------------------------------- To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN VII. References https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7701 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7703 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7848 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7849 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7850 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7851 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7853 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7854 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7855 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7871 The latest revision of this advisory is available at https://security.FreeBSD.org/advisories/FreeBSD-SA-15:25.ntp.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJWLhOJAAoJEO1n7NZdz2rn91wP/2GwEt1boNQq2a7nYzv/mS5D sYKkIi7o+2yr2BLXvtc3O7c9QC3/YeGsza9DTRqndcY572SWvRgtkFstMTTm8IV/ RVlIE40gVR3tex0zo7BiD7uKUrxWxWcpwMbE5dzlE+vSybyyj0dSSkwUHJjrbJoA RmyNuEEUhQn5sRCg6qJv/PLp2G7BcYAasKScukjm7QnLP2kq/tvM9mcqwfh2tadM 7kbf8uq+ykvsRzctaDnxQaB5+zJxBQYJjBelxQfIkNek0XGfdj3sRwISeFznbllq mOLTIBaFiuEtHtusO7MKKavMgS5CQJOvuuvd/l3NY1MnxC6X/1SWig9KIKDIn/hv q8dsnq7LLx+tO6Cv4Dub7EbC2ZP3xXGOC4Ie02z8bTZnbX7iwyPUidQQqtU9ra15 rxzFcZnBxu+yyMNJVsV2qVV/r9OycgKxWlEELC1wYrK9fKfvLdA5aEGjDeU1Z+s6 JS2zKr0t4F2bMrCsjYP1lQD8sHkCVjwJk+IJU/slcwSajDjBNlMH0yBxGYE1ETIZ qMF7/PAkLe8V78pdYmXw9pcaPyhI+ihPLnNrdhX8AI2RX5jDK7IuUNJeUM04UrVB 8N+mMwgamcuCPWNNyXaL0bz21fexZOuhHmU+B8Yn3SFX5O5b/r9gGvrjo8ei8jOk EUlBT3ViDhHNrI7PTaiI =djPm -----END PGP SIGNATURE----- . Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/ntp-4.2.8p7-i486-1_slack14.1.txz: Upgraded. This release patches several low and medium severity security issues: CVE-2016-1551: Refclock impersonation vulnerability, AKA: refclock-peering CVE-2016-1549: Sybil vulnerability: ephemeral association attack, AKA: ntp-sybil - MITIGATION ONLY CVE-2016-2516: Duplicate IPs on unconfig directives will cause an assertion botch CVE-2016-2517: Remote configuration trustedkey/requestkey values are not properly validated CVE-2016-2518: Crafted addpeer with hmode > 7 causes array wraparound with MATCH_ASSOC CVE-2016-2519: ctl_getitem() return value not always checked CVE-2016-1547: Validate crypto-NAKs, AKA: nak-dos CVE-2016-1548: Interleave-pivot - MITIGATION ONLY CVE-2015-7704: KoD fix: peer associations were broken by the fix for NtpBug2901, AKA: Symmetric active/passive mode is broken CVE-2015-8138: Zero Origin Timestamp Bypass, AKA: Additional KoD Checks CVE-2016-1550: Improve NTP security against buffer comparison timing attacks, authdecrypt-timing, AKA: authdecrypt-timing For more information, see: http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1547 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1548 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1549 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1550 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1551 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2516 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2517 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2518 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2519 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/ntp-4.2.8p7-i486-1_slack13.0.txz Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/ntp-4.2.8p7-x86_64-1_slack13.0.txz Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ntp-4.2.8p7-i486-1_slack13.1.txz Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/ntp-4.2.8p7-x86_64-1_slack13.1.txz Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/ntp-4.2.8p7-i486-1_slack13.37.txz Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/ntp-4.2.8p7-x86_64-1_slack13.37.txz Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ntp-4.2.8p7-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ntp-4.2.8p7-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/ntp-4.2.8p7-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/ntp-4.2.8p7-x86_64-1_slack14.1.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/ntp-4.2.8p7-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/ntp-4.2.8p7-x86_64-1.txz MD5 signatures: +-------------+ Slackware 13.0 package: 785dc2ef5f80edb28dc781e261c3fe3f ntp-4.2.8p7-i486-1_slack13.0.txz Slackware x86_64 13.0 package: 899421096b7b63e6cb269f8b01dfd875 ntp-4.2.8p7-x86_64-1_slack13.0.txz Slackware 13.1 package: dfd34cbd31be3572a2bcae7f59cdfd91 ntp-4.2.8p7-i486-1_slack13.1.txz Slackware x86_64 13.1 package: 63c4b31736040e7950361cd0d7081c8b ntp-4.2.8p7-x86_64-1_slack13.1.txz Slackware 13.37 package: e760ae0c6cc3fa933e4d65d6995b0c84 ntp-4.2.8p7-i486-1_slack13.37.txz Slackware x86_64 13.37 package: aa448523b27bb4fcccc2f46cf4d72bc5 ntp-4.2.8p7-x86_64-1_slack13.37.txz Slackware 14.0 package: 3bc7e54a4164a4f91be996b5cf2e643e ntp-4.2.8p7-i486-1_slack14.0.txz Slackware x86_64 14.0 package: 0f6ea4dae476709f26f5d0e33378576c ntp-4.2.8p7-x86_64-1_slack14.0.txz Slackware 14.1 package: dbe827ee7ece6ce5ca083cdd5960162c ntp-4.2.8p7-i486-1_slack14.1.txz Slackware x86_64 14.1 package: 89f3edf183a6a9847d69b8349f98c901 ntp-4.2.8p7-x86_64-1_slack14.1.txz Slackware -current package: 4018b86edd15e40e8c5e9f50d907dcff n/ntp-4.2.8p7-i586-1.txz Slackware x86_64 -current package: 7dd6b64ba8c9fdaebb7becc1f5c3963d n/ntp-4.2.8p7-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg ntp-4.2.8p7-i486-1_slack14.1.txz Then, restart the NTP daemon: # sh /etc/rc.d/rc.ntpd restart +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. 6.6) - i386, noarch, ppc64, s390x, x86_64 3. ============================================================================ Ubuntu Security Notice USN-2783-1 October 27, 2015 ntp vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 15.10 - Ubuntu 15.04 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: Several security issues were fixed in NTP. (CVE-2015-5146) Miroslav Lichvar discovered that NTP incorrectly handled logconfig directives. (CVE-2015-5194) Miroslav Lichvar discovered that NTP incorrectly handled certain statistics types. (CVE-2015-5195) Miroslav Lichvar discovered that NTP incorrectly handled certain file paths. Cohen, and Sharon Goldberg discovered that NTP incorrectly handled restarting after hitting a panic threshold. (CVE-2015-7691, CVE-2015-7692, CVE-2015-7702) It was discovered that NTP incorrectly handled memory when processing certain autokey messages. Cohen, and Sharon Goldberg discovered that NTP incorrectly handled rate limiting. A remote attacker could possibly use this issue to cause clients to stop updating their clock. (CVE-2015-7704, CVE-2015-7705) Yves Younan discovered that NTP incorrectly handled logfile and keyfile directives. (CVE-2015-7850) Yves Younan and Aleksander Nikolich discovered that NTP incorrectly handled ascii conversion. (CVE-2015-7852) Yves Younan discovered that NTP incorrectly handled reference clock memory. A malicious refclock could possibly use this issue to cause NTP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-7853) John D "Doug" Birdwell discovered that NTP incorrectly handled decoding certain bogus values. (CVE-2015-7855) Stephen Gray discovered that NTP incorrectly handled symmetric association authentication. (CVE-2015-7871) In the default installation, attackers would be isolated by the NTP AppArmor profile. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 15.10: ntp 1:4.2.6.p5+dfsg-3ubuntu8.1 Ubuntu 15.04: ntp 1:4.2.6.p5+dfsg-3ubuntu6.2 Ubuntu 14.04 LTS: ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.04.5 Ubuntu 12.04 LTS: ntp 1:4.2.6.p3+dfsg-1ubuntu3.6 In general, a standard system update will make all the necessary changes. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. Workarounds that mitigate one or more of the vulnerabilities may be available for certain products, please see the individual Cisco Bug IDs for details. CVE-2015-5194 It was found that ntpd could crash due to an uninitialized variable when processing malformed logconfig configuration commands. CVE-2015-5195 It was found that ntpd exits with a segmentation fault when a statistics type that was not enabled during compilation (e.g. timingstats) is referenced by the statistics or filegen configuration command CVE-2015-5219 It was discovered that sntp program would hang in an infinite loop when a crafted NTP packet was received, related to the conversion of the precision value in the packet to double. If the threshold is exceeded after that, ntpd will exit with a message to the system log. This option can be used with the -q and -x options. ntpd could actually step the clock multiple times by more than the panic threshold if its clock discipline doesn't have enough time to reach the sync state and stay there for at least one update. This is contrary to what the documentation says. Normally, the assumption is that an MITM attacker can step the clock more than the panic threshold only once when ntpd starts and to make a larger adjustment the attacker has to divide it into multiple smaller steps, each taking 15 minutes, which is slow. CVE-2015-7701 A memory leak flaw was found in ntpd's CRYPTO_ASSOC. CVE-2015-7703 Miroslav Lichvar of Red Hat found that the :config command can be used to set the pidfile and driftfile paths without any restrictions. A remote attacker could use this flaw to overwrite a file on the file system with a file containing the pid of the ntpd process (immediately) or the current estimated drift of the system clock (in hourly intervals). For example: ntpq -c ':config pidfile /tmp/ntp.pid' ntpq -c ':config driftfile /tmp/ntp.drift' In Debian ntpd is configured to drop root privileges, which limits the impact of this issue. CVE-2015-7704 If ntpd as an NTP client receives a Kiss-of-Death (KoD) packet from the server to reduce its polling rate, it doesn't check if the originate timestamp in the reply matches the transmit timestamp from its request. A specially crafted configuration file could cause an endless loop resulting in a denial of service. CVE-2015-7852 A potential off by one vulnerability exists in the cookedprint functionality of ntpq. A specially crafted buffer could cause a buffer overflow potentially resulting in null byte being written out of bounds. CVE-2015-7871 An error handling logic error exists within ntpd that manifests due to improper error condition handling associated with certain crypto-NAK packets. An unauthenticated, off-path attacker can force ntpd processes on targeted servers to peer with time sources of the attacker's choosing by transmitting symmetric active crypto-NAK packets to ntpd. For the oldstable distribution (wheezy), these problems have been fixed in version 1:4.2.6.p5+dfsg-2+deb7u6. For the stable distribution (jessie), these problems have been fixed in version 1:4.2.6.p5+dfsg-7+deb8u1. For the testing distribution (stretch), these problems have been fixed in version 1:4.2.8p4+dfsg-3. For the unstable distribution (sid), these problems have been fixed in version 1:4.2.8p4+dfsg-3. We recommend that you upgrade your ntp packages

Trust: 3.78

sources: NVD: CVE-2015-7704 // CERT/CC: VU#718152 // JVNDB: JVNDB-2015-007700 // BID: 77280 // BID: 92012 // VULMON: CVE-2015-7704 // PACKETSTORM: 134093 // PACKETSTORM: 137992 // PACKETSTORM: 138803 // PACKETSTORM: 134082 // PACKETSTORM: 136864 // PACKETSTORM: 134542 // PACKETSTORM: 134102 // PACKETSTORM: 134034 // PACKETSTORM: 134162

AFFECTED PRODUCTS

vendor:ntpmodel:ntpscope:eqversion:4.2.8

Trust: 1.3

vendor:citrixmodel:xenserverscope:eqversion:6.0.2

Trust: 1.3

vendor:citrixmodel:xenserverscope:eqversion:7.0

Trust: 1.3

vendor:citrixmodel:xenserverscope:eqversion:6.5

Trust: 1.3

vendor:ntpmodel:ntpscope:eqversion:4.3.77

Trust: 1.1

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.6

Trust: 1.0

vendor:ntpmodel:ntpscope:ltversion:4.3.77

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.7

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.4

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server eusscope:eqversion:7.7

Trust: 1.0

vendor:ntpmodel:ntpscope:gteversion:4.3.0

Trust: 1.0

vendor:mcafeemodel:enterprise security managerscope:ltversion:10.4.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:8.0

Trust: 1.0

vendor:netappmodel:oncommand unified managerscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:7.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:6.6

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:6.5

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.3

Trust: 1.0

vendor:redhatmodel:enterprise linux server eusscope:eqversion:6.5

Trust: 1.0

vendor:ntpmodel:ntpscope:gteversion:4.2.0

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6.0

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:6.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.6

Trust: 1.0

vendor:redhatmodel:enterprise linux server eusscope:eqversion:7.6

Trust: 1.0

vendor:redhatmodel:enterprise linux server eusscope:eqversion:7.4

Trust: 1.0

vendor:ntpmodel:ntpscope:ltversion:4.2.8

Trust: 1.0

vendor:netappmodel:data ontapscope:eqversion: -

Trust: 1.0

vendor:mcafeemodel:enterprise security managerscope:ltversion:11.2.0

Trust: 1.0

vendor:citrixmodel:xenserverscope:eqversion:6.2.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.7

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:6.6

Trust: 1.0

vendor:redhatmodel:enterprise linux server eusscope:eqversion:6.6

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.3

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:7.0

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:7.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server eusscope:eqversion:7.1

Trust: 1.0

vendor:redhatmodel:enterprise linux server eusscope:eqversion:7.3

Trust: 1.0

vendor:mcafeemodel:enterprise security managerscope:gteversion:11.0.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server eusscope:eqversion:6.7

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:6.5

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6.0

Trust: 1.0

vendor:netappmodel:oncommand performance managerscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux server eusscope:eqversion:7.5

Trust: 1.0

vendor:netappmodel:clustered data ontapscope:eqversion: -

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:7.0

Trust: 1.0

vendor:ntpmodel: - scope: - version: -

Trust: 0.8

vendor:ntpmodel:ntpscope:ltversion:4.3.x

Trust: 0.8

vendor:ntpmodel:ntpscope:eqversion:4.2.8p4

Trust: 0.8

vendor:ntpmodel:ntpscope:ltversion:4.x

Trust: 0.8

vendor:mcafeemodel:web gatewayscope:eqversion:7.6.2.0

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.3.28

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:neversion:7.5.2.9

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.3.2.9.

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.3.2.4

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:neversion:7.6.2.1

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.3.2.9

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.5.2.8

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.4.2.1

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.3.2

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.4.0

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.1.5.1

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.3.2.10

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.4.2

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.2.0.9

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.3.2.6

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.1.5.2

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.4.1

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.4.13

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.0.0

Trust: 0.6

vendor:mcafeemodel:web gatewayscope:eqversion:7.3.2.2

Trust: 0.6

vendor:hpmodel:taa switch chassisscope:eqversion:10508-v0

Trust: 0.3

vendor:hpmodel:switch chassisscope:eqversion:105080

Trust: 0.3

vendor:freebsdmodel:10.2-rc1-p2scope: - version: -

Trust: 0.3

vendor:ibmmodel:power hmcscope:eqversion:8.3.0.0

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:7.0

Trust: 0.3

vendor:hpmodel:taa switch chassisscope:eqversion:105080

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.211

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:eqversion:90000

Trust: 0.3

vendor:ibmmodel:qlogic virtual fabric extension module for ibm bladecenterscope:neversion:9.0.3.14.0

Trust: 0.3

vendor:extremenetworksmodel:extremexosscope:neversion:21.1

Trust: 0.3

vendor:hpmodel:flexfabric 7.2tbps taa-compliant fabric/main processing uniscope:eqversion:79100

Trust: 0.3

vendor:hpmodel:flexfabric 2qsfp+ 2-slot switchscope:eqversion:59300

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.0.5

Trust: 0.3

vendor:hpmodel:1950-24g-2sfp+-2xgt-poe+ switchscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2.0.1

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.0.4

Trust: 0.3

vendor:hpmodel:hsr6800 rse-x3 router main processing unitscope:eqversion:0

Trust: 0.3

vendor:hpmodel:24g 4sfp+ hi 1-slot switchscope:eqversion:55100

Trust: 0.3

vendor:ibmmodel:powerkvmscope:eqversion:3.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.24

Trust: 0.3

vendor:ibmmodel:power hmcscope:eqversion:8.4.0.0

Trust: 0.3

vendor:ciscomodel:edge digital media playerscope:eqversion:3400

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:7

Trust: 0.3

vendor:ciscomodel:small business series wireless access pointsscope:eqversion:3210

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.0.3

Trust: 0.3

vendor:hpmodel:48g 4sfp+ 1-slot hi switchscope:eqversion:51300

Trust: 0.3

vendor:extremenetworksmodel:extremexosscope:eqversion:15.7.4

Trust: 0.3

vendor:ciscomodel:jabber guestscope:eqversion:10.0(2)

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.219

Trust: 0.3

vendor:freebsdmodel:10.1-release-p5scope: - version: -

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fiscope:eqversion:2.2.0.4

Trust: 0.3

vendor:hpmodel:5130-24g-4sfp+ ei brazil switchscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1.0.2

Trust: 0.3

vendor:ibmmodel:real-time compression appliancescope:eqversion:4.1.2

Trust: 0.3

vendor:ciscomodel:prime license managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:visual quality experience serverscope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:freebsdmodel:9.3-release-p22scope: - version: -

Trust: 0.3

vendor:hpmodel:ff 12508e dc switch chassisscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:10.1-rc1-p1scope: - version: -

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:2.22

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.4.0

Trust: 0.3

vendor:hpmodel:5130-48g-poe+-4sfp+ ei brazil switchscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime collaboration assurancescope:eqversion:0

Trust: 0.3

vendor:hpmodel:hsr6602-xg taa-compliant routerscope:eqversion:0

Trust: 0.3

vendor:hpmodel:flexfabric 12904e switch chassisscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:9.3-release-p10scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p1scope: - version: -

Trust: 0.3

vendor:extremenetworksmodel:extremexos patchscope:eqversion:15.7.38

Trust: 0.3

vendor:hpmodel:1950-48g-2sfp+-2xgt switchscope:eqversion:0

Trust: 0.3

vendor:hpmodel:mpu w/comware osscope:eqversion:12500v70

Trust: 0.3

vendor:ciscomodel:prime infrastructure standalone plug and play gatewayscope:eqversion:0

Trust: 0.3

vendor:hpmodel:ff 12518e dc switch chassisscope:eqversion:0

Trust: 0.3

vendor:hpmodel:5130-24g-poe+-4sfp+ ei brazil switchscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:qlogic 8gb intelligent pass-thru module and san switch modulescope:neversion:7.10.1.37.00

Trust: 0.3

vendor:hpmodel:dc switch chassisscope:eqversion:125040

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2.0.4

Trust: 0.3

vendor:siemensmodel:ruggedcom roxscope:eqversion:1.0

Trust: 0.3

vendor:hpmodel:flexfabric 2.4tbps fabric main processing unitscope:eqversion:7910/0

Trust: 0.3

vendor:ntpmodel:4.2.8p3scope: - version: -

Trust: 0.3

vendor:ciscomodel:prime access registrar appliancescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:scosscope:eqversion:0

Trust: 0.3

vendor:hpmodel:flexfabric taa-compliant switch chassisscope:eqversion:79100

Trust: 0.3

vendor:freebsdmodel:10.1-release-p17scope: - version: -

Trust: 0.3

vendor:hpmodel:msr2003 taa-compliant ac routerscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:10.1-relengscope: - version: -

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.44

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.2.6

Trust: 0.3

vendor:hpmodel:main processing unitscope:eqversion:125000

Trust: 0.3

vendor:hpmodel:msr2004-48 routerscope:eqversion:0

Trust: 0.3

vendor:hpmodel:flexfabric 5700-32xgt-8xg-2qsfp+ taa-compliant switchscope:eqversion:0

Trust: 0.3

vendor:hpmodel:5900af-48xg-4qsfp+ taa switchscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:clean access managerscope:eqversion:0

Trust: 0.3

vendor:citrixmodel:xenserver common criteriascope:eqversion:6.0.2

Trust: 0.3

vendor:ciscomodel:common services platform collectorscope:eqversion:0

Trust: 0.3

vendor:hpmodel:ac switch chassisscope:eqversion:125080

Trust: 0.3

vendor:freebsdmodel:9.3-beta3-p2scope: - version: -

Trust: 0.3

vendor:ciscomodel:media experience enginesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:wap371 wireless access pointscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.0.2

Trust: 0.3

vendor:hpmodel:flexfabric 12916e switch chassisscope:eqversion:0

Trust: 0.3

vendor:ntpmodel:p1scope:eqversion:4.2.2

Trust: 0.3

vendor:hpmodel:flexfabric 5700-48g-4xg-2qsfp+ switchscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:10.1-rc2-p3scope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux server eus 6.7.zscope: - version: -

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.1

Trust: 0.3

vendor:freebsdmodel:10.1-release-p23scope:neversion: -

Trust: 0.3

vendor:citrixmodel:xenserver sp1scope:eqversion:6.2.0

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:0

Trust: 0.3

vendor:hpmodel:flexfabric 7.2tbps fabric main processing unitscope:eqversion:7910/0

Trust: 0.3

vendor:hpmodel:hsr6808 router chassisscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:2.42

Trust: 0.3

vendor:hpmodel:hsr6800 rse-x2 router taa-compliant main processingscope:eqversion:0

Trust: 0.3

vendor:hpmodel:msr1003-8s ac routerscope:eqversion:0

Trust: 0.3

vendor:hpmodel:5130-24g-sfp-4sfp+ ei switchscope:eqversion:0

Trust: 0.3

vendor:hpmodel:flexfabric 12900e main processing unitscope:eqversion:0

Trust: 0.3

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6

Trust: 0.3

vendor:ciscomodel:show and sharescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:sentinelscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ucs directorscope:eqversion:0

Trust: 0.3

vendor:hpmodel:msr4060 router chassisscope:eqversion:0

Trust: 0.3

vendor:hpmodel:ff 12500e mpuscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:ruggedcom roxscope:eqversion:1.14.5

Trust: 0.3

vendor:ciscomodel:telepresence isdn linkscope:eqversion:0

Trust: 0.3

vendor:hpmodel:1950-24g-4xg switchscope:eqversion:0

Trust: 0.3

vendor:hpmodel:48g poe+ 4sfp+ 1-slot hi switchscope:eqversion:51300

Trust: 0.3

vendor:ciscomodel:physical access managerscope:eqversion:0

Trust: 0.3

vendor:hpmodel:flexfabric 32qsfp+ switchscope:eqversion:59300

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:powerkvmscope:eqversion:2.1

Trust: 0.3

vendor:hpmodel:ac switch chassisscope:eqversion:125180

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.2.08

Trust: 0.3

vendor:hpmodel:5130-48g-poe+-2sfp+-2xgt ei switchscope:eqversion:0

Trust: 0.3

vendor:hpmodel:msr4000 mpu-100 main processing unitscope:eqversion:0

Trust: 0.3

vendor:oraclemodel:communications session border controllerscope:eqversion:7.2.0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:2.4.0.4

Trust: 0.3

vendor:ciscomodel:nac guest serverscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:enterprise content delivery systemscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.1

Trust: 0.3

vendor:hpmodel:vsr1001 comware virtual services routerscope:eqversion:70

Trust: 0.3

vendor:freebsdmodel:9.3-rcscope: - version: -

Trust: 0.3

vendor:hpmodel:flexfabric 12904e main processing unitscope:eqversion:0

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.3

vendor:freebsdmodel:9.3-beta1scope: - version: -

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.1.08

Trust: 0.3

vendor:hpmodel:5130-24g-4sfp+ ei switchscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:10.2-rc2-p1scope: - version: -

Trust: 0.3

vendor:hpmodel:ff 12508e ac switch chassisscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:2.4.0.3

Trust: 0.3

vendor:freebsdmodel:10.1-rc2-p1scope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux desktopscope:eqversion:7

Trust: 0.3

vendor:ciscomodel:video delivery system recorderscope:eqversion:0

Trust: 0.3

vendor:hpmodel:msr4080 router chassisscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.213

Trust: 0.3

vendor:freebsdmodel:10.1-releasescope: - version: -

Trust: 0.3

vendor:oraclemodel:communications session border controllerscope:eqversion:7.3.0

Trust: 0.3

vendor:ibmmodel:websphere datapower xc10 appliancescope:eqversion:2.5

Trust: 0.3

vendor:hpmodel:msr3044 routerscope:eqversion:0

Trust: 0.3

vendor:hpmodel:5130-48g-4sfp+ ei brazil switchscope:eqversion:0

Trust: 0.3

vendor:ntpmodel:4.2.5p186scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p2scope: - version: -

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:3.22

Trust: 0.3

vendor:freebsdmodel:9.3-stablescope:neversion: -

Trust: 0.3

vendor:freebsdmodel:10.1-release-p1scope: - version: -

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:0

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:14.1

Trust: 0.3

vendor:hpmodel:msr3064 routerscope:eqversion:0

Trust: 0.3

vendor:hpmodel:48g poe+ 4sfp+ hi 1-slot switchscope:eqversion:55100

Trust: 0.3

vendor:freebsdmodel:10.1-release-p9scope: - version: -

Trust: 0.3

vendor:extremenetworksmodel:netsight appliancescope:eqversion:6.0

Trust: 0.3

vendor:ntpmodel:4.2.5p3scope: - version: -

Trust: 0.3

vendor:hpmodel:msr2004-24 ac routerscope:eqversion:0

Trust: 0.3

vendor:hpmodel:flexfabric 32qsfp+ taa-compliant switchscope:eqversion:59300

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fixpacscope:eqversion:3.1

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1.0.1

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2.0.2

Trust: 0.3

vendor:rockwellmodel:automation stratixscope:neversion:590015.6.3

Trust: 0.3

vendor:freebsdmodel:9.3-rc2-p1scope: - version: -

Trust: 0.3

vendor:ibmmodel:flex system fc3171 8gb san switch and san pass-thruscope:eqversion:9.1.0.00

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.0.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:neversion:2.46

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.0.5

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1.0.3

Trust: 0.3

vendor:ciscomodel:unity expressscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:neversion:2.26

Trust: 0.3

vendor:freebsdmodel:10.2-rc1-p1scope: - version: -

Trust: 0.3

vendor:hpmodel:flexfabric 2qsfp+ 2-slot taa-compliant switchscope:eqversion:59300

Trust: 0.3

vendor:hpmodel:switch chassisscope:eqversion:75030

Trust: 0.3

vendor:hpmodel:switch chassisscope:eqversion:75060

Trust: 0.3

vendor:ntpmodel:4.2.8p5scope: - version: -

Trust: 0.3

vendor:hpmodel:hsr6602-g taa-compliant routerscope:eqversion:0

Trust: 0.3

vendor:extremenetworksmodel:netsight appliancescope:eqversion:6.3

Trust: 0.3

vendor:ciscomodel:telepresence exchange systemscope:eqversion:0

Trust: 0.3

vendor:hpmodel:5130-24g-poe+-2sfp+-2xgt ei switchscope:eqversion:0

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:7

Trust: 0.3

vendor:hpmodel:flexfabric main processing unitscope:eqversion:119000

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.0.4

Trust: 0.3

vendor:freebsdmodel:10.1-beta1-p1scope: - version: -

Trust: 0.3

vendor:rockwellmodel:automation stratixscope:eqversion:59000

Trust: 0.3

vendor:freebsdmodel:9.3-release-p3scope: - version: -

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:2.32

Trust: 0.3

vendor:hpmodel:5130-24g-poe+-4sfp+ ei switchscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.1.3

Trust: 0.3

vendor:hpmodel:switch chassisscope:eqversion:75020

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.1.2

Trust: 0.3

vendor:hpmodel:msr3024 taa-compliant ac routerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:hosted collaboration mediation fulfillmentscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:2.4.0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:2.34

Trust: 0.3

vendor:hpmodel:5900af 48g 4xg 2qsfp+ taa-compliantscope:eqversion:0

Trust: 0.3

vendor:hpmodel:flexfabric switch ac chassisscope:eqversion:129160

Trust: 0.3

vendor:freebsdmodel:10.1-stablescope: - version: -

Trust: 0.3

vendor:hpmodel:type a mpu w/comware osscope:eqversion:10500v70

Trust: 0.3

vendor:hpmodel:dc switch chassisscope:eqversion:125080

Trust: 0.3

vendor:hpmodel:5900af-48xgt-4qsfp+ switchscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:intrusion prevention system solutionsscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime access registrarscope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:onepk all-in-one vmscope:eqversion:0

Trust: 0.3

vendor:citrixmodel:xenserver sp1scope:eqversion:6.5

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2.0.0

Trust: 0.3

vendor:hpmodel:msr3024 dc routerscope:eqversion:0

Trust: 0.3

vendor:hpmodel:flexfabric switch ac chassisscope:eqversion:129100

Trust: 0.3

vendor:freebsdmodel:9.3-beta1-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p25scope: - version: -

Trust: 0.3

vendor:extremenetworksmodel:summit wm3000 seriesscope:eqversion:0

Trust: 0.3

vendor:hpmodel:hsr6800 rse-x2 router main processing unitscope:eqversion:0

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:14.1

Trust: 0.3

vendor:ciscomodel:series ip phones vpn featurescope:eqversion:8800-0

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:2.21

Trust: 0.3

vendor:ciscomodel:small business series wireless access pointsscope:eqversion:1210

Trust: 0.3

vendor:hpmodel:msr3012 dc routerscope:eqversion:0

Trust: 0.3

vendor:hpmodel:5130-48g-poe+-4sfp+ ei switchscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:industrial routerscope:eqversion:9100

Trust: 0.3

vendor:freebsdmodel:10.2-beta2-p2scope: - version: -

Trust: 0.3

vendor:hpmodel:vsr1008 comware virtual services routerscope:eqversion:70

Trust: 0.3

vendor:ibmmodel:smartcloud entry fixpackscope:eqversion:2.3.0.33

Trust: 0.3

vendor:hpmodel:type d taa-compliant with comware os main processing unscope:eqversion:10500v70

Trust: 0.3

vendor:ibmmodel:security network protectionscope:eqversion:5.3.2

Trust: 0.3

vendor:ciscomodel:video distribution suite for internet streamingscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:2.31

Trust: 0.3

vendor:ntpmodel:4.2.8p7scope:neversion: -

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.218

Trust: 0.3

vendor:hpmodel:flexfabric taa-compliant switch chassisscope:eqversion:79040

Trust: 0.3

vendor:ibmmodel:websphere datapower xc10 appliancescope:eqversion:2.1

Trust: 0.3

vendor:hpmodel:vsr1004 comware virtual services routerscope:eqversion:70

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.20

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1

Trust: 0.3

vendor:hpmodel:24g poe+ 4sfp+ 1-slot hi switchscope:eqversion:51300

Trust: 0.3

vendor:ntpmodel:p4scope:eqversion:4.2.4

Trust: 0.3

vendor:siemensmodel:ruggedcom roxscope:neversion:2.9.0

Trust: 0.3

vendor:slackwaremodel:linux x86 64 -currentscope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.1-beta3-p1scope: - version: -

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:10.1

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:14.0

Trust: 0.3

vendor:extremenetworksmodel:netsight appliancescope:neversion:6.4

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2.0.3

Trust: 0.3

vendor:ciscomodel:dcm series 9900-digital content managerscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:9.3

Trust: 0.3

vendor:hpmodel:flexfabric switch chassisscope:eqversion:79100

Trust: 0.3

vendor:freebsdmodel:10.1-rc3-p1scope: - version: -

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:2.3.0

Trust: 0.3

vendor:hpmodel:dc switch chassisscope:eqversion:125180

Trust: 0.3

vendor:hpmodel:hsr6802 router chassisscope:eqversion:0

Trust: 0.3

vendor:hpmodel:hsr6602-xg routerscope:eqversion:0

Trust: 0.3

vendor:extremenetworksmodel:extremexosscope:eqversion:15.7

Trust: 0.3

vendor:hpmodel:switch chassisscope:eqversion:75100

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.214

Trust: 0.3

vendor:hpmodel:flexfabric 5700-32xgt-8xg-2qsfp+ switchscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:9.3-prereleasescope: - version: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p21scope: - version: -

Trust: 0.3

vendor:hpmodel:flexfabric 4-slot taa-compliant switchscope:eqversion:59300

Trust: 0.3

vendor:ibmmodel:smartcloud entry fpscope:eqversion:3.19

Trust: 0.3

vendor:freebsdmodel:9.3-release-p24scope: - version: -

Trust: 0.3

vendor:extremenetworksmodel:extremexosscope:neversion:16.2

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:3.1.0.4

Trust: 0.3

vendor:freebsdmodel:10.1-release-p19scope: - version: -

Trust: 0.3

vendor:hpmodel:hsr6804 router chassisscope:eqversion:0

Trust: 0.3

vendor:extremenetworksmodel:extremexosscope:eqversion:15.4.1.0

Trust: 0.3

vendor:hpmodel:ac switch chassisscope:eqversion:125040

Trust: 0.3

vendor:siemensmodel:ruggedcom roxscope:eqversion:2.6.2

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fixpacscope:eqversion:3.2

Trust: 0.3

vendor:hpmodel:5900af-48g-4xg-2qsfp+ switchscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:9.3-release-p13scope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.1-prereleasescope: - version: -

Trust: 0.3

vendor:hpmodel:msr3024 ac routerscope:eqversion:0

Trust: 0.3

vendor:extremenetworksmodel:purview appliancescope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.113

Trust: 0.3

vendor:hpmodel:ff 5900cp-48xg-4qsfp+ switchscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:network device security assessmentscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:2.3.0.4

Trust: 0.3

vendor:hpmodel:24g 4sfp+ 1-slot hi switchscope:eqversion:51300

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:3.11

Trust: 0.3

vendor:ciscomodel:asa cx and cisco prime security managerscope:eqversion:0

Trust: 0.3

vendor:hpmodel:5920af-24xg switchscope:eqversion:0

Trust: 0.3

vendor:hpmodel:flexfabric 4-slot switchscope:eqversion:59300

Trust: 0.3

vendor:extremenetworksmodel:nac appliancescope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:flexfabric 5700-40xg-2qsfp+ taa-compliant switchscope:eqversion:0

Trust: 0.3

vendor:hpmodel:msr2003 ac routerscope:eqversion:0

Trust: 0.3

vendor:hpmodel:msr4000 taa-compliant mpu-100 main processing unitscope:eqversion:0

Trust: 0.3

vendor:siemensmodel:ruggedcom roxscope:eqversion:1.16

Trust: 0.3

vendor:freebsdmodel:9.3-release-p29scope:neversion: -

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.110

Trust: 0.3

vendor:ciscomodel:standalone rack server cimcscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:power hmcscope:eqversion:8.2.0.0

Trust: 0.3

vendor:hpmodel:flexfabric main processing unitscope:eqversion:129160

Trust: 0.3

vendor:freebsdmodel:9.3-rc2scope: - version: -

Trust: 0.3

vendor:extremenetworksmodel:purview appliancescope:eqversion:6.3

Trust: 0.3

vendor:freebsdmodel:9.3-rc3-p1scope: - version: -

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:13.37

Trust: 0.3

vendor:freebsdmodel:freebsdscope:eqversion:10.2

Trust: 0.3

vendor:hpmodel:flexfabric main processing unitscope:eqversion:129100

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:3.21

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.3.70

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:neversion:2.36

Trust: 0.3

vendor:ciscomodel:telepresence video communication serverscope:eqversion:0

Trust: 0.3

vendor:extremenetworksmodel:nac appliancescope:eqversion:6.3

Trust: 0.3

vendor:hpmodel:switch chassisscope:eqversion:125080

Trust: 0.3

vendor:ciscomodel:telepresence sx seriesscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:9.3-rc1-p2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.1-rc4-p1scope: - version: -

Trust: 0.3

vendor:ciscomodel:meetingplacescope:eqversion:0

Trust: 0.3

vendor:hpmodel:48g 4sfp+ hi 1-slot switchscope:eqversion:55100

Trust: 0.3

vendor:ibmmodel:security guardiumscope:eqversion:10.0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:2.3.0.3

Trust: 0.3

vendor:ciscomodel:unified computing system e-series blade serverscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1.0.0

Trust: 0.3

vendor:ntpmodel:ntpscope:neversion:4.3.92

Trust: 0.3

vendor:hpmodel:flexfabric taa-compliant main processing unitscope:eqversion:129100

Trust: 0.3

vendor:ntpmodel:p74scope:eqversion:4.2.5

Trust: 0.3

vendor:ciscomodel:expressway seriesscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:2.2.0.4

Trust: 0.3

vendor:hpmodel:flexfabric 5700-48g-4xg-2qsfp+ taa-compliant switchscope:eqversion:0

Trust: 0.3

vendor:hpmodel:5900af 48xgt 4qsfp+ taa-compliant switchscope:eqversion:0

Trust: 0.3

vendor:ntpmodel:4.2.8p2scope: - version: -

Trust: 0.3

vendor:freebsdmodel:10.1-release-p6scope: - version: -

Trust: 0.3

vendor:ciscomodel:edge digital media playerscope:eqversion:3000

Trust: 0.3

vendor:extremenetworksmodel:extremexos patchscope:eqversion:15.7.31

Trust: 0.3

vendor:freebsdmodel:10.2-beta2-p3scope: - version: -

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.2

Trust: 0.3

vendor:hpmodel:msr3012 ac routerscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fiscope:eqversion:2.4.0.4

Trust: 0.3

vendor:ciscomodel:management heartbeat serverscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:flex system fc3171 8gb san switch and san pass-thruscope:neversion:9.1.7.03.00

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.1.09

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:14.0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:3.2.0.4

Trust: 0.3

vendor:ibmmodel:real-time compression appliancescope:neversion:4.1.17

Trust: 0.3

vendor:ntpmodel:p6scope:eqversion:4.2.4

Trust: 0.3

vendor:hpmodel:switch chassisscope:eqversion:105040

Trust: 0.3

vendor:ciscomodel:connected grid routersscope:eqversion:0

Trust: 0.3

vendor:hpmodel:switch chassisscope:eqversion:125180

Trust: 0.3

vendor:ciscomodel:telepresence integrator c seriesscope:eqversion:0

Trust: 0.3

vendor:hpmodel:taa switch chassisscope:eqversion:105040

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.0.1.2

Trust: 0.3

vendor:ntpmodel:p7scope:eqversion:4.2.4

Trust: 0.3

vendor:ciscomodel:nac serverscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fpscope:eqversion:2.2.0.3

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.3

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fix packscope:eqversion:3.12

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:13.1

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:2.4.01

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.1.2

Trust: 0.3

vendor:ntpmodel:p5scope:eqversion:4.2.4

Trust: 0.3

vendor:hpmodel:flexfabric 2.4tbps taa-compliant fabric/main processing uniscope:eqversion:79100

Trust: 0.3

vendor:ciscomodel:nac appliancescope:eqversion:0

Trust: 0.3

vendor:hpmodel:5130-48g-4sfp+ ei switchscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fixpacscope:neversion:3.2

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.1.3

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:13.0

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.2.09

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:ibmmodel:security access manager for webscope:eqversion:8.02

Trust: 0.3

vendor:hpmodel:a12508 switch chassisscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:application policy infrastructure controllerscope:eqversion:0

Trust: 0.3

vendor:hpmodel:5130-24g-2sfp+-2xgt ei switchscope:eqversion:0

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.3.25

Trust: 0.3

vendor:ciscomodel:network analysis modulescope:eqversion:0

Trust: 0.3

vendor:ntpmodel:4.2.8p4scope: - version: -

Trust: 0.3

vendor:extremenetworksmodel:extremexosscope:eqversion:15.6.4

Trust: 0.3

vendor:extremenetworksmodel:purview appliancescope:neversion:6.4

Trust: 0.3

vendor:ciscomodel:prime infrastructurescope:eqversion: -

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:7

Trust: 0.3

vendor:ibmmodel:power hmcscope:eqversion:8.1.0.0

Trust: 0.3

vendor:ciscomodel:identity services enginescope:eqversion:0

Trust: 0.3

vendor:extremenetworksmodel:extremexosscope:eqversion:15.3

Trust: 0.3

vendor:hpmodel:5130-48g-2sfp+-2xgt ei switchscope:eqversion:0

Trust: 0.3

vendor:ntpmodel:4.2.8p6scope: - version: -

Trust: 0.3

vendor:extremenetworksmodel:nac appliancescope:neversion:6.4

Trust: 0.3

vendor:ciscomodel:telepresence ex seriesscope:eqversion:0

Trust: 0.3

vendor:hpmodel:msr1002-4 ac routerscope:eqversion:0

Trust: 0.3

vendor:hpmodel:switch chassisscope:eqversion:105120

Trust: 0.3

vendor:ibmmodel:qlogic virtual fabric extension module for ibm bladecenterscope:eqversion:9.0

Trust: 0.3

vendor:ntpmodel:4.2.7p11scope: - version: -

Trust: 0.3

vendor:hpmodel:5900af-48xg-4qsfp+ switchscope:eqversion:0

Trust: 0.3

vendor:hpmodel:type d main processing unit with comware osscope:eqversion:10500v70

Trust: 0.3

vendor:hpmodel:taa switch chassisscope:eqversion:105120

Trust: 0.3

vendor:ibmmodel:smartcloud entry jre updatescope:eqversion:2.3.0.34

Trust: 0.3

vendor:hpmodel:vsr1001 virtual services router day evaluation softwarescope:eqversion:600

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:0

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:13.37

Trust: 0.3

vendor:hpmodel:24g sfp 4sfp+ hi 1-slot switchscope:eqversion:55100

Trust: 0.3

vendor:freebsdmodel:10.2-release-p6scope:neversion: -

Trust: 0.3

vendor:freebsdmodel:10.2-stablescope:neversion: -

Trust: 0.3

vendor:freebsdmodel:9.3-release-p5scope: - version: -

Trust: 0.3

vendor:hpmodel:5920af-24xg taa switchscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:smartcloud entry fix packscope:eqversion:3.2.010

Trust: 0.3

vendor:junipermodel:junos osscope:eqversion:0

Trust: 0.3

vendor:hpmodel:flexfabric switch chassisscope:eqversion:79040

Trust: 0.3

vendor:hpmodel:flexfabric 12908e switch chassisscope:eqversion:0

Trust: 0.3

vendor:citrixmodel:xenserverscope:eqversion:6.2

Trust: 0.3

vendor:freebsdmodel:9.3-beta1-p2scope: - version: -

Trust: 0.3

vendor:slackwaremodel:linux -currentscope: - version: -

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:13.1

Trust: 0.3

vendor:ciscomodel:telepresence conductorscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fixpacscope:neversion:3.1

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0.1

Trust: 0.3

vendor:ibmmodel:security access managerscope:eqversion:9.0

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:13.0

Trust: 0.3

vendor:ciscomodel:content security appliance updater serversscope:eqversion:0

Trust: 0.3

vendor:centosmodel:centosscope:eqversion:6

Trust: 0.3

vendor:hpmodel:flexfabric taa-compliant switch ac chassisscope:eqversion:129100

Trust: 0.3

vendor:freebsdmodel:10.1-release-p16scope: - version: -

Trust: 0.3

vendor:ciscomodel:unified communications manager session management editionscope:eqversion:0

Trust: 0.3

vendor:hpmodel:flexfabric 5700-40xg-2qsfp+ switchscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:9.3-release-p6scope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.3

vendor:hpmodel:main processing unitscope:eqversion:75020

Trust: 0.3

vendor:ciscomodel:support centralscope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:9.3-release-p9scope: - version: -

Trust: 0.3

vendor:hpmodel:ff 12518e ac switch chassisscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:small business series wireless access pointsscope:eqversion:5000

Trust: 0.3

vendor:ciscomodel:virtual security gateway for microsoft hyper-vscope:eqversion:0

Trust: 0.3

vendor:ntpmodel:p4scope:eqversion:4.2.2

Trust: 0.3

vendor:hpmodel:flexfabric 5900cp 48xg 4qsfp+ taa-compliantscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime service catalog virtual appliancescope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:ciscomodel:access registrar appliancescope:eqversion:0

Trust: 0.3

vendor:hpmodel:24g poe+ 4sfp+ hi 1-slot switchscope:eqversion:55100

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.3.90

Trust: 0.3

vendor:hpmodel:hsr6602-g routerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:videoscape control suitescope:eqversion:0

Trust: 0.3

vendor:hpmodel:1950-48g-2sfp+-2xgt-poe+ switchscope:eqversion:0

Trust: 0.3

vendor:oraclemodel:linuxscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:security access manager for mobilescope:eqversion:8.0

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:2.2

Trust: 0.3

vendor:ciscomodel:telepresence mx seriesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ucs centralscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence profile seriesscope:eqversion:0

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:hpmodel:msr3024 poe routerscope:eqversion:0

Trust: 0.3

vendor:hpmodel:a12518 switch chassisscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:visual quality experience tools serverscope:eqversion:0

Trust: 0.3

vendor:ibmmodel:smartcloud entryscope:eqversion:3.1.0.4

Trust: 0.3

vendor:ciscomodel:emergency responderscope:eqversion:0

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:7

Trust: 0.3

vendor:extremenetworksmodel:extremexosscope:eqversion:15.7.2

Trust: 0.3

vendor:ciscomodel:im and presence servicescope:eqversion:0

Trust: 0.3

vendor:siemensmodel:ruggedcom roxscope:eqversion:2.0

Trust: 0.3

vendor:siemensmodel:ruggedcom roxscope:eqversion:2.6.3

Trust: 0.3

vendor:hpmodel:flexfabric switch chassisscope:eqversion:11908-v0

Trust: 0.3

vendor:ibmmodel:smartcloud entry appliance fiscope:eqversion:2.3.0.4

Trust: 0.3

vendor:ciscomodel:cloud object storescope:eqversion:0

Trust: 0.3

vendor:freebsdmodel:10.2-prereleasescope: - version: -

Trust: 0.3

vendor:hpmodel:switch chassisscope:eqversion:10508-v0

Trust: 0.3

vendor:ibmmodel:qlogic 8gb intelligent pass-thru module and san switch modulescope:eqversion:7.10

Trust: 0.3

vendor:oraclemodel:vm server forscope:eqversion:x863.4

Trust: 0.3

vendor:oraclemodel:vm server forscope:eqversion:x863.3

Trust: 0.3

vendor:oraclemodel:vm server forscope:eqversion:x863.2

Trust: 0.3

vendor:oraclemodel:integrated lights out managerscope:eqversion:3.2

Trust: 0.3

vendor:oraclemodel:integrated lights out managerscope:eqversion:3.1

Trust: 0.3

vendor:oraclemodel:integrated lights out managerscope:eqversion:3.0

Trust: 0.3

sources: CERT/CC: VU#718152 // BID: 77280 // BID: 92012 // JVNDB: JVNDB-2015-007700 // NVD: CVE-2015-7704

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-7704
value: HIGH

Trust: 1.0

NVD: CVE-2015-7704
value: HIGH

Trust: 0.8

VULMON: CVE-2015-7704
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-7704
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2015-7704
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2015-7704
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULMON: CVE-2015-7704 // JVNDB: JVNDB-2015-007700 // NVD: CVE-2015-7704

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.8

sources: JVNDB: JVNDB-2015-007700 // NVD: CVE-2015-7704

THREAT TYPE

network

Trust: 0.6

sources: BID: 77280 // BID: 92012

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.3

sources: BID: 77280

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-007700

PATCH

title:HPSBHF03646url:https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05270839

Trust: 0.8

title:Bug 2901url:http://bugs.ntp.org/show_bug.cgi?id=2901

Trust: 0.8

title:Bug 1271070url:https://bugzilla.redhat.com/show_bug.cgi?id=1271070

Trust: 0.8

title:NTP Bug 2901url:http://support.ntp.org/bin/view/Main/NtpBug2901

Trust: 0.8

title:October 2015 NTP-4.2.8p4 Security Vulnerability Announcement (Medium)url:http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit

Trust: 0.8

title:Red Hat: Important: ntp security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20152520 - Security Advisory

Trust: 0.1

title:Red Hat: CVE-2015-7704url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2015-7704

Trust: 0.1

title:Amazon Linux AMI: ALAS-2015-607url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2015-607

Trust: 0.1

title:Ubuntu Security Notice: ntp vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-2783-1

Trust: 0.1

title:Citrix Security Bulletins: Citrix XenServer Multiple Security Updatesurl:https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins&qid=089f3f781342f5003697826b78ce46a9

Trust: 0.1

title:Debian Security Advisories: DSA-3388-1 ntp -- security updateurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=61fe4252a877d02aaea1c931efa0a305

Trust: 0.1

title:Symantec Security Advisories: SA103 : October 2015 NTP Security Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories&qid=f5e05389a60d3a56f2a0ad0ec21579d9

Trust: 0.1

title:Oracle Linux Bulletins: Oracle Linux Bulletin - October 2015url:https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins&qid=435ed9abc2fb1e74ce2a69605a01e326

Trust: 0.1

title:Cisco: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015url:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20151021-ntp

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - January 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=eb439566c9130adc92d21bc093204cf8

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=976a4da35d55283870dbb31b88a6c655

Trust: 0.1

title:Oracle: Oracle Critical Patch Update Advisory - July 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_advisories&qid=3a04485ebb79f7fbc2472bf9af5ce489

Trust: 0.1

sources: VULMON: CVE-2015-7704 // JVNDB: JVNDB-2015-007700

EXTERNAL IDS

db:NVDid:CVE-2015-7704

Trust: 3.1

db:CERT/CCid:VU#718152

Trust: 3.0

db:BIDid:77280

Trust: 1.4

db:SECTRACKid:1033951

Trust: 1.1

db:MCAFEEid:SB10284

Trust: 1.1

db:JVNid:JVNVU91176422

Trust: 0.8

db:JVNDBid:JVNDB-2015-007700

Trust: 0.8

db:MCAFEEid:SB10164

Trust: 0.6

db:JUNIPERid:JSA10711

Trust: 0.3

db:ICS CERTid:ICSA-17-094-04

Trust: 0.3

db:BIDid:92012

Trust: 0.3

db:ICS CERTid:ICSA-15-356-01

Trust: 0.1

db:VULMONid:CVE-2015-7704

Trust: 0.1

db:PACKETSTORMid:134093

Trust: 0.1

db:PACKETSTORMid:137992

Trust: 0.1

db:PACKETSTORMid:138803

Trust: 0.1

db:PACKETSTORMid:134082

Trust: 0.1

db:PACKETSTORMid:136864

Trust: 0.1

db:PACKETSTORMid:134542

Trust: 0.1

db:PACKETSTORMid:134102

Trust: 0.1

db:PACKETSTORMid:134034

Trust: 0.1

db:PACKETSTORMid:134162

Trust: 0.1

sources: CERT/CC: VU#718152 // VULMON: CVE-2015-7704 // BID: 77280 // BID: 92012 // JVNDB: JVNDB-2015-007700 // PACKETSTORM: 134093 // PACKETSTORM: 137992 // PACKETSTORM: 138803 // PACKETSTORM: 134082 // PACKETSTORM: 136864 // PACKETSTORM: 134542 // PACKETSTORM: 134102 // PACKETSTORM: 134034 // PACKETSTORM: 134162 // NVD: CVE-2015-7704

REFERENCES

url:https://www.kb.cert.org/vuls/id/718152

Trust: 2.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7704

Trust: 1.7

url:https://www.cs.bu.edu/~goldbe/ntpattack.html

Trust: 1.5

url:http://rhn.redhat.com/errata/rhsa-2015-1930.html

Trust: 1.5

url:https://support.citrix.com/article/ctx220112

Trust: 1.4

url:https://security.gentoo.org/glsa/201607-15

Trust: 1.2

url:http://rhn.redhat.com/errata/rhsa-2015-2520.html

Trust: 1.2

url:https://eprint.iacr.org/2015/1020.pdf

Trust: 1.1

url:https://bugzilla.redhat.com/show_bug.cgi?id=1271070

Trust: 1.1

url:http://support.ntp.org/bin/view/main/securitynotice#october_2015_ntp_4_2_8p4_securit

Trust: 1.1

url:http://support.ntp.org/bin/view/main/ntpbug2901

Trust: 1.1

url:http://bugs.ntp.org/show_bug.cgi?id=2901

Trust: 1.1

url:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05270839

Trust: 1.1

url:http://www.securityfocus.com/bid/77280

Trust: 1.1

url:http://www.securitytracker.com/id/1033951

Trust: 1.1

url:http://www.debian.org/security/2015/dsa-3388

Trust: 1.1

url:https://security.netapp.com/advisory/ntap-20171004-0002/

Trust: 1.1

url:https://security.netapp.com/advisory/ntap-20171004-0001/

Trust: 1.1

url:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Trust: 1.1

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10284

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7704

Trust: 1.0

url:https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016

Trust: 1.0

url:http://support.ntp.org/bin/view/main/securitynotice#april_2016_ntp_4_2_8p7_security

Trust: 0.8

url:http://support.ntp.org/bin/view/main/securitynotice#january_2016_ntp_4_2_8p6_securit

Trust: 0.8

url:https://jvn.jp/vu/jvnvu91176422/

Trust: 0.8

url:http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

Trust: 0.6

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10164

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2015-7871

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2015-7855

Trust: 0.6

url:http://support.ntp.org/bin/view/main/securitynotice#recent_vulnerabilities

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2015-7702

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2015-7852

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2015-7701

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2015-7703

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2015-7850

Trust: 0.5

url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20151021-ntp

Trust: 0.4

url:https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05270839

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2015-7705

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2015-7691

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2015-7853

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2015-7692

Trust: 0.4

url:https://github.com/ntp-project/ntp/blob/stable/news#l295

Trust: 0.3

url:http://www.ntp.org

Trust: 0.3

url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10711

Trust: 0.3

url:https://ics-cert.us-cert.gov/advisories/icsa-17-094-04

Trust: 0.3

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160428-ntpd

Trust: 0.3

url:http://learn.extremenetworks.com/rs/641-vmv-602/images/vn-2015-009_multiple_ntp_vulnerabilities.pdf

Trust: 0.3

url:http://seclists.org/bugtraq/2015/oct/113

Trust: 0.3

url:isg3t1023874

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1023885

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1024073

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1023874

Trust: 0.3

url:http://support.ntp.org/bin/view/main/ntpbug2952

Trust: 0.3

url:http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21981747

Trust: 0.3

url:https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5099260

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=ssg1s1005821

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21979393

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21980676

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21983501

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21983506

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=nas8n1021264

Trust: 0.3

url:http://www.oracle.com/index.html

Trust: 0.3

url:http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-5300

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7848

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7849

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7854

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-7851

Trust: 0.3

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.2

url:https://access.redhat.com/security/team/contact/

Trust: 0.2

url:https://bugzilla.redhat.com/):

Trust: 0.2

url:https://access.redhat.com/security/team/key/

Trust: 0.2

url:https://access.redhat.com/articles/11258

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2015-7704

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-8138

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-1547

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-5219

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-5194

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-5146

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-5195

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/20.html

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2015:2520

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://ics-cert.us-cert.gov/advisories/icsa-15-356-01

Trust: 0.1

url:https://usn.ubuntu.com/2783-1/

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2015-5300

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7702

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1549

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7849

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7852

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7978

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-8140

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7978

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1551

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2516

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7975

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7973

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7979

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-8139

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8158

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4954

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4956

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7973

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7853

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7704

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8140

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7974

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7691

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8139

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4957

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7703

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7855

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4955

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7705

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2517

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1548

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1547

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-8158

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7854

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2519

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2518

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7851

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7871

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7977

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7848

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7977

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1550

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7850

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7701

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7692

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8138

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7979

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7974

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4953

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7975

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7976

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7976

Trust: 0.1

url:http://www.hpe.com/support/security_bulletin_archive

Trust: 0.1

url:https://www.hpe.com/info/report-security-vulnerability

Trust: 0.1

url:https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499

Trust: 0.1

url:http://www.hpe.com/support/subscriber_choice

Trust: 0.1

url:https://security.freebsd.org/patches/sa-15:25/ntp-93.patch.asc

Trust: 0.1

url:https://security.freebsd.org/advisories/freebsd-sa-15:25.ntp.asc

Trust: 0.1

url:https://www.freebsd.org/handbook/makeworld.html.

Trust: 0.1

url:https://security.freebsd.org/patches/sa-15:25/ntp-102.patch.asc

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7702

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7851

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7701

Trust: 0.1

url:https://security.freebsd.org/.

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7855

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7852

Trust: 0.1

url:https://svnweb.freebsd.org/base?view=revision&revision=nnnnnn

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7850

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7854

Trust: 0.1

url:https://security.freebsd.org/patches/sa-15:25/ntp-93.patch.bz2

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7703

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7849

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7853

Trust: 0.1

url:https://security.freebsd.org/patches/sa-15:25/ntp-101.patch.bz2

Trust: 0.1

url:https://security.freebsd.org/patches/sa-15:25/ntp-101.patch.asc

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7871

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7848

Trust: 0.1

url:https://security.freebsd.org/patches/sa-15:25/ntp-102.patch.bz2

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2516

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1551

Trust: 0.1

url:http://slackware.com

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1548

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2519

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2516

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2517

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2519

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1550

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1547

Trust: 0.1

url:http://slackware.com/gpg-key

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8138

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2518

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1549

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1551

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1550

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2518

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2517

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1548

Trust: 0.1

url:http://osuosl.org)

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1549

Trust: 0.1

url:http://www.ubuntu.com/usn/usn-2783-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu8.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu2.14.04.5

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p3+dfsg-1ubuntu3.6

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu6.2

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-5196

Trust: 0.1

url:http://gpgtools.org

Trust: 0.1

url:http://talosintel.com/vulnerability-reports/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-9751

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2014-9750

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-3405

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

sources: CERT/CC: VU#718152 // VULMON: CVE-2015-7704 // BID: 77280 // BID: 92012 // JVNDB: JVNDB-2015-007700 // PACKETSTORM: 134093 // PACKETSTORM: 137992 // PACKETSTORM: 138803 // PACKETSTORM: 134082 // PACKETSTORM: 136864 // PACKETSTORM: 134542 // PACKETSTORM: 134102 // PACKETSTORM: 134034 // PACKETSTORM: 134162 // NVD: CVE-2015-7704

CREDITS

Aanchal Malhotra, Isaac E. Cohen, Erik Brakke, and Sharon Goldberg from Boston University

Trust: 0.3

sources: BID: 77280

SOURCES

db:CERT/CCid:VU#718152
db:VULMONid:CVE-2015-7704
db:BIDid:77280
db:BIDid:92012
db:JVNDBid:JVNDB-2015-007700
db:PACKETSTORMid:134093
db:PACKETSTORMid:137992
db:PACKETSTORMid:138803
db:PACKETSTORMid:134082
db:PACKETSTORMid:136864
db:PACKETSTORMid:134542
db:PACKETSTORMid:134102
db:PACKETSTORMid:134034
db:PACKETSTORMid:134162
db:NVDid:CVE-2015-7704

LAST UPDATE DATE

2024-11-20T21:26:20.744000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#718152date:2016-04-28T00:00:00
db:VULMONid:CVE-2015-7704date:2020-06-18T00:00:00
db:BIDid:77280date:2017-05-23T16:23:00
db:BIDid:92012date:2016-11-24T01:13:00
db:JVNDBid:JVNDB-2015-007700date:2017-09-06T00:00:00
db:NVDid:CVE-2015-7704date:2021-11-17T22:15:44.397

SOURCES RELEASE DATE

db:CERT/CCid:VU#718152date:2016-04-27T00:00:00
db:VULMONid:CVE-2015-7704date:2017-08-07T00:00:00
db:BIDid:77280date:2015-10-21T00:00:00
db:BIDid:92012date:2016-07-19T00:00:00
db:JVNDBid:JVNDB-2015-007700date:2017-09-06T00:00:00
db:PACKETSTORMid:134093date:2015-10-27T03:38:46
db:PACKETSTORMid:137992date:2016-07-21T15:56:23
db:PACKETSTORMid:138803date:2016-09-21T17:24:00
db:PACKETSTORMid:134082date:2015-10-26T19:32:22
db:PACKETSTORMid:136864date:2016-05-02T21:38:58
db:PACKETSTORMid:134542date:2015-11-27T18:25:38
db:PACKETSTORMid:134102date:2015-10-27T23:30:50
db:PACKETSTORMid:134034date:2015-10-21T19:22:22
db:PACKETSTORMid:134162date:2015-11-02T16:48:39
db:NVDid:CVE-2015-7704date:2017-08-07T20:29:00.683