Lucene search
CiscoCISCO-SA-20160127-NTPDHistoryJan 27, 2016 - 8:00 p.m.
Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: January 2016
2016-01-2720:00:00
tools.cisco.com
89
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
7.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
0.097 Low
EPSS
Percentile
94.8%
Multiple Cisco products incorporate a version of the Network Time Protocol daemon (ntpd) package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (NTP) server.
On January 19, 2016, NTP Consortium at Network Time Foundation released a security advisory detailing 12 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may allow an attacker to shift a client’s time. The vulnerabilities covered in this document are as follows:
CVE-2015-7973: Network Time Protocol Replay Attack on Authenticated Broadcast Mode Vulnerability
CVE-2015-7974: Network Time Protocol Missing Trusted Key Check
CVE-2015-7975: Standard Network Time Protocol Query Program nextvar() Missing Length Check
CVE-2015-7976: Standard Network Time Protocol Query Program saveconfig Command Allows Dangerous Characters in Filenames
CVE-2015-7978: Network Time Protocol Daemon reslist NULL Pointer Deference Denial of Service Vulnerability
CVE-2015-7977: Network Time Protocol Stack Exhaustion Denial of Service
CVE-2015-7979: Network Time Protocol Off-Path Broadcast Mode Denial of Service
CVE-2015-8138: Network Time Protocol Zero Origin Timestamp Bypass
CVE-2015-8139: Network Time Protocol Information Disclosure of Origin Timestamp
CVE-2015-8140: Standard Network Time Protocol Query Program Replay Attack
CVE-2015-8158: Standard and Special Network Time Protocol Query Program Infinite loop
Additional details on each of the vulnerabilities are in the official security advisory from the NTP Consortium at Network Time Foundation at the following link: Security Notice [“http://nwtime.org/security-policy/”]
Cisco has released software updates that address these vulnerabilities.
Workarounds that address some of these vulnerabilities may be available. Available workarounds will be documented in the corresponding Cisco bug for each affected product.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd
Affected configurations
Node
ciscoapplication_and_content_networking_system_softwareMatchany
ORciscosecure_access_control_systemMatchany
ORciscounityMatchany
ORciscoiosMatchany
ORciscoemergency_responderMatchany
ORciscoios_xr_softwareMatchany
ORcisconac_applianceMatchany
ORciscointrusion_prevention_systemMatchany
ORciscounified_presence_serverMatchany
ORciscoace_application_control_engine_module_a3Matchany
ORciscowide_area_application_servicesMatchany
ORciscounified_contact_center_enterpriseMatchany
ORciscoip_interoperability_and_collaboration_systemMatchany
ORciscoservice_control_engineMatchany
ORciscounity_connectionMatchany
ORciscotelepresence_mx200Matchany
ORcisconx_osMatch4.1
ORcisconx_osMatch5.0
ORcisconx_osMatch4.2
ORcisconx_osMatch5.1
ORcisconx_osMatch5.2
ORcisconx_osMatch6.1
ORcisconx_osMatch4.0\(0\)n1
ORcisconx_osMatch4.0\(1a\)n1
ORcisconx_osMatch4.0\(1a\)n2
ORcisconx_osMatch4.1\(3\)n1
ORcisconx_osMatch4.1\(3\)n2
ORcisconx_osMatch4.2\(1\)n1
ORcisconx_osMatch4.2\(1\)n2
ORcisconx_osMatch5.0\(2\)n1
ORcisconx_osMatch5.0\(2\)n2
ORcisconx_osMatch5.0\(3\)n1
ORcisconx_osMatch5.0\(3\)n2
ORcisconx_osMatch5.0\(3\)u1
ORcisconx_osMatch5.0\(3\)u2
ORcisconx_osMatch5.0\(3\)u3
ORcisconx_osMatch5.0\(3\)u4
ORcisconx_osMatch5.0\(3\)u5
ORcisconx_osMatch5.1\(3\)n1
ORcisconx_osMatch5.1\(3\)n2
ORcisconx_osMatch5.2\(1\)n1
ORcisconx_osMatch6.0
ORcisconx_osMatch6.0\(2\)n1
ORcisconx_osMatch6.0\(2\)n2
ORcisconx_osMatch6.0\(2\)u1
ORcisconx_osMatch6.0\(2\)u2
ORcisconx_osMatch6.0\(2\)u3
ORcisconx_osMatch6.0\(2\)u4
ORcisconx_osMatch6.0\(2\)u5
ORcisconx_osMatch6.1\(2\)i2
ORcisconx_osMatch6.1\(2\)i3
ORcisconx_osMatch6.2
ORcisconx_osMatch7.0\(0\)n1
ORcisconx_osMatch7.0\(1\)n1
ORcisconx_osMatch7.0\(2\)n1
ORcisconx_osMatch7.0\(3\)n1
ORciscoace_4700_series_application_control_engine_applianceMatchany
ORciscounified_communications_managerMatchany
ORciscoapplication_networking_managerMatchany
ORciscounified_provisioning_managerMatchany
ORciscophysical_access_gatewayMatchany
ORciscocisco_iosMatch3.2sgxe
ORciscocisco_iosMatch3.7sxe
ORciscocisco_iosMatch3.3sgxe
ORciscocisco_iosMatch3.8sxe
ORciscocisco_iosMatch3.9sxe
ORciscocisco_iosMatch3.2sexe
ORciscocisco_iosMatch3.3sexe
ORciscocisco_iosMatch3.3xoxe
ORciscocisco_iosMatch3.4sgxe
ORciscocisco_iosMatch3.5exe
ORciscocisco_iosMatch3.10sxe
ORciscocisco_iosMatch3.11sxe
ORciscocisco_iosMatch3.12sxe
ORciscocisco_iosMatch3.13sxe
ORciscocisco_iosMatch3.6exe
ORciscocisco_iosMatch3.14sxe
ORciscocisco_iosMatch3.15sxe
ORciscocisco_iosMatch3.3sqxe
ORciscocisco_iosMatch3.4sqxe
ORciscocisco_iosMatch3.7exe
ORciscocisco_iosMatchanyxe
ORciscovideo_surveillance_media_serverMatchany
ORciscodigital_media_managerMatchany
ORciscoip_interoperability_and_collaboration_systemMatchany
ORcisconetwork_analysis_module_softwareMatchany
ORciscoironport_encryption_applianceMatchany
ORcisconetwork_admission_controlMatchany
ORciscotelepresence_mxp_softwareMatchany
ORciscoshow_and_shareMatchany
ORciscoidentity_services_engine_softwareMatchany
ORciscotelepresence_video_communication_serverMatchany
ORcisconexus_1000vMatchanynexus_1000v
ORciscotelepresence_managerMatchany
ORciscoasa_cx_context-aware_security_softwareMatchany
ORciscoprime_security_managerMatchany
ORciscoprime_data_center_network_managerMatchany
ORciscoprime_lan_management_solutionMatchany
ORciscoprime_collaborationMatchany
ORciscoprime_infrastructureMatchany
ORciscoconnected_grid_network_management_systemMatchany
ORciscowebex_meetings_serverMatchany
ORciscowebex_node_for_mcsMatchany
ORciscounified_computing_system_central_softwareMatchany
ORciscoenterprise_content_delivery_systemMatchany
ORciscotelepresence_tc_softwareMatchany
ORciscotelepresence_te_softwareMatchany
ORciscovirtualization_experience_client_6000_series_firmwareMatchany
ORciscofinesseMatchany
ORciscosocialminerMatchany
ORciscomediasenseMatchany
ORciscounified_sip_proxyMatchany
ORciscomedia_experience_engine_5600Matchany
ORciscoucs_directorMatchany
ORciscodigital_content_managerMatchany
ORciscounified_intelligence_centerMatchany
ORciscoprime_service_catalogMatchany
ORcisconexus_1000vMatchanynexus_1000v
ORciscoapplication_policy_infrastructure_controller_\(apic\)Matchany
ORciscoexpresswayMatchany
ORcisco300_series_managed_switchesMatchany
ORciscojabber_guestMatchany
ORciscodesktop_collaboration_experienceMatchany
ORciscounified_computing_system_softwareMatchany
ORciscoprime_license_managerMatchany
ORciscoprime_collaboration_deploymentMatchany
ORciscotelepresence_isdn_gw_3241Matchany
ORciscotelepresence_conductorMatchany
ORciscomodular_encoding_platform_d9036_softwareMatchany
ORciscofirepower_system_softwareMatchany
ORciscovideoscape_policy_resource_managerMatchany
ORciscoprime_collaboration_assuranceMatchany
ORciscovirtual_topology_systemMatchany
ORcisconexus_3000Matchany
ORciscocisco_policy_suiteMatchany
ORciscohosted_collaboration_mediation_fulfillmentMatchany
ORciscocloud_services_platform_2100Matchany
ORciscoapplication_and_content_networking_system_softwareMatchany
ORciscosecure_access_control_systemMatchany
ORciscounityMatchany
ORciscoiosMatchany
ORciscoemergency_responderMatchany
ORciscoios_xr_softwareMatchany
ORcisconac_applianceMatchany
ORciscointrusion_prevention_systemMatchany
ORciscounified_presence_serverMatchany
ORciscoace_application_control_engine_module_a3Matchany
ORciscowide_area_application_servicesMatchany
ORciscounified_contact_center_enterpriseMatchany
ORciscoip_interoperability_and_collaboration_systemMatchany
ORciscoservice_control_engineMatchany
ORciscounity_connectionMatchany
ORciscotelepresence_mx200Matchany
ORcisconx_osMatch4.1\(2\)
ORcisconx_osMatch4.1\(3\)
ORcisconx_osMatch4.1\(4\)
ORcisconx_osMatch4.1\(5\)
ORcisconx_osMatch5.0\(2a\)
ORcisconx_osMatch5.0\(3\)
ORcisconx_osMatch5.0\(5\)
ORcisconx_osMatch4.2\(2a\)
ORcisconx_osMatch4.2\(3\)
ORcisconx_osMatch4.2\(4\)
ORcisconx_osMatch4.2\(6\)
ORcisconx_osMatch4.2\(8\)
ORcisconx_osMatch5.1\(1\)
ORcisconx_osMatch5.1\(1a\)
ORcisconx_osMatch5.1\(3\)
ORcisconx_osMatch5.1\(4\)
ORcisconx_osMatch5.1\(5\)
ORcisconx_osMatch5.1\(6\)
ORcisconx_osMatch5.2\(1\)
ORcisconx_osMatch5.2\(3a\)
ORcisconx_osMatch5.2\(4\)
ORcisconx_osMatch5.2\(5\)
ORcisconx_osMatch5.2\(7\)
ORcisconx_osMatch5.2\(9\)
ORcisconx_osMatch6.1\(1\)
ORcisconx_osMatch6.1\(2\)
ORcisconx_osMatch6.1\(3\)
ORcisconx_osMatch6.1\(4\)
ORcisconx_osMatch6.1\(4a\)
ORcisconx_osMatch4.0\(0\)n1\(1a\)
ORcisconx_osMatch4.0\(0\)n1\(2\)
ORcisconx_osMatch4.0\(0\)n1\(2a\)
ORcisconx_osMatch4.0\(1a\)n1\(1\)
ORcisconx_osMatch4.0\(1a\)n1\(1a\)
ORcisconx_osMatch4.0\(1a\)n2\(1\)
ORcisconx_osMatch4.0\(1a\)n2\(1a\)
ORcisconx_osMatch4.1\(3\)n1\(1\)
ORcisconx_osMatch4.1\(3\)n1\(1a\)
ORcisconx_osMatch4.1\(3\)n2\(1\)
ORcisconx_osMatch4.1\(3\)n2\(1a\)
ORcisconx_osMatch4.2\(1\)n1\(1\)
ORcisconx_osMatch4.2\(1\)n2\(1\)
ORcisconx_osMatch4.2\(1\)n2\(1a\)
ORcisconx_osMatch5.0\(2\)n1\(1\)
ORcisconx_osMatch5.0\(2\)n2\(1\)
ORcisconx_osMatch5.0\(2\)n2\(1a\)
ORcisconx_osMatch5.0\(3\)n1\(1c\)
ORcisconx_osMatch5.0\(3\)n2\(1\)
ORcisconx_osMatch5.0\(3\)n2\(2\)
ORcisconx_osMatch5.0\(3\)n2\(2a\)
ORcisconx_osMatch5.0\(3\)n2\(2b\)
ORcisconx_osMatch5.0\(3\)u1\(1\)
ORcisconx_osMatch5.0\(3\)u1\(1a\)
ORcisconx_osMatch5.0\(3\)u1\(1b\)
ORcisconx_osMatch5.0\(3\)u1\(1d\)
ORcisconx_osMatch5.0\(3\)u1\(2\)
ORcisconx_osMatch5.0\(3\)u1\(2a\)
ORcisconx_osMatch5.0\(3\)u2\(1\)
ORcisconx_osMatch5.0\(3\)u2\(2\)
ORcisconx_osMatch5.0\(3\)u2\(2a\)
ORcisconx_osMatch5.0\(3\)u2\(2b\)
ORcisconx_osMatch5.0\(3\)u2\(2c\)
ORcisconx_osMatch5.0\(3\)u2\(2d\)
ORcisconx_osMatch5.0\(3\)u3\(1\)
ORcisconx_osMatch5.0\(3\)u3\(2\)
ORcisconx_osMatch5.0\(3\)u3\(2a\)
ORcisconx_osMatch5.0\(3\)u3\(2b\)
ORcisconx_osMatch5.0\(3\)u4\(1\)
ORcisconx_osMatch5.0\(3\)u5\(1\)
ORcisconx_osMatch5.0\(3\)u5\(1a\)
ORcisconx_osMatch5.0\(3\)u5\(1b\)
ORcisconx_osMatch5.0\(3\)u5\(1c\)
ORcisconx_osMatch5.0\(3\)u5\(1d\)
ORcisconx_osMatch5.0\(3\)u5\(1e\)
ORcisconx_osMatch5.0\(3\)u5\(1f\)
ORcisconx_osMatch5.0\(3\)u5\(1g\)
ORcisconx_osMatch5.0\(3\)u5\(1h\)
ORcisconx_osMatch5.1\(3\)n1\(1\)
ORcisconx_osMatch5.1\(3\)n1\(1a\)
ORcisconx_osMatch5.1\(3\)n2\(1\)
ORcisconx_osMatch5.1\(3\)n2\(1a\)
ORcisconx_osMatch5.1\(3\)n2\(1b\)
ORcisconx_osMatch5.1\(3\)n2\(1c\)
ORcisconx_osMatch5.2\(1\)n1\(1\)
ORcisconx_osMatch5.2\(1\)n1\(1a\)
ORcisconx_osMatch5.2\(1\)n1\(1b\)
ORcisconx_osMatch5.2\(1\)n1\(2\)
ORcisconx_osMatch5.2\(1\)n1\(2a\)
ORcisconx_osMatch5.2\(1\)n1\(3\)
ORcisconx_osMatch5.2\(1\)n1\(4\)
ORcisconx_osMatch5.2\(1\)n1\(5\)
ORcisconx_osMatch5.2\(1\)n1\(6\)
ORcisconx_osMatch5.2\(1\)n1\(7\)
ORcisconx_osMatch5.2\(1\)n1\(8a\)
ORcisconx_osMatch5.2\(1\)n1\(8\)
ORcisconx_osMatch6.0\(1\)
ORcisconx_osMatch6.0\(2\)
ORcisconx_osMatch6.0\(3\)
ORcisconx_osMatch6.0\(4\)
ORcisconx_osMatch6.0\(2\)n1\(1\)
ORcisconx_osMatch6.0\(2\)n1\(2\)
ORcisconx_osMatch6.0\(2\)n1\(2a\)
ORcisconx_osMatch6.0\(2\)n2\(1\)
ORcisconx_osMatch6.0\(2\)n2\(1b\)
ORcisconx_osMatch6.0\(2\)n2\(2\)
ORcisconx_osMatch6.0\(2\)n2\(3\)
ORcisconx_osMatch6.0\(2\)n2\(4\)
ORcisconx_osMatch6.0\(2\)n2\(5\)
ORcisconx_osMatch6.0\(2\)u1\(1\)
ORcisconx_osMatch6.0\(2\)u1\(2\)
ORcisconx_osMatch6.0\(2\)u1\(1a\)
ORcisconx_osMatch6.0\(2\)u1\(3\)
ORcisconx_osMatch6.0\(2\)u1\(4\)
ORcisconx_osMatch6.0\(2\)u2\(1\)
ORcisconx_osMatch6.0\(2\)u2\(2\)
ORcisconx_osMatch6.0\(2\)u2\(3\)
ORcisconx_osMatch6.0\(2\)u2\(4\)
ORcisconx_osMatch6.0\(2\)u2\(5\)
ORcisconx_osMatch6.0\(2\)u2\(6\)
ORcisconx_osMatch6.0\(2\)u3\(1\)
ORcisconx_osMatch6.0\(2\)u3\(2\)
ORcisconx_osMatch6.0\(2\)u3\(3\)
ORcisconx_osMatch6.0\(2\)u3\(4\)
ORcisconx_osMatch6.0\(2\)u3\(5\)
ORcisconx_osMatch6.0\(2\)u4\(1\)
ORcisconx_osMatch6.0\(2\)u4\(2\)
ORcisconx_osMatch6.0\(2\)u4\(3\)
ORcisconx_osMatch6.0\(2\)u5\(1\)
ORcisconx_osMatch6.1\(2\)i2\(1\)
ORcisconx_osMatch6.1\(2\)i2\(2\)
ORcisconx_osMatch6.1\(2\)i2\(2a\)
ORcisconx_osMatch6.1\(2\)i2\(3\)
ORcisconx_osMatch6.1\(2\)i2\(2b\)
ORcisconx_osMatch6.1\(2\)i3\(1\)
ORcisconx_osMatch6.1\(2\)i3\(2\)
ORcisconx_osMatch6.1\(2\)i3\(3\)
ORcisconx_osMatch6.2\(2\)
ORcisconx_osMatch6.2\(2a\)
ORcisconx_osMatch6.2\(6\)
ORcisconx_osMatch6.2\(6b\)
ORcisconx_osMatch6.2\(8\)
ORcisconx_osMatch6.2\(8a\)
ORcisconx_osMatch6.2\(8b\)
ORcisconx_osMatch6.2\(10\)
ORcisconx_osMatch7.0\(0\)n1\(1\)
ORcisconx_osMatch7.0\(1\)n1\(1\)
ORcisconx_osMatch7.0\(2\)n1\(1\)
ORcisconx_osMatch7.0\(3\)n1\(1\)
ORciscoace_4710Match4700_series_application_control_engine_appliances
ORciscounified_communications_managerMatchany
ORciscoapplication_networking_managerMatchany
ORciscounified_provisioning_managerMatchany
ORciscophysical_access_gatewayMatchany
ORciscocisco_iosMatch3.2.0sgxe
ORciscocisco_iosMatch3.2.1sgxe
ORciscocisco_iosMatch3.2.2sgxe
ORciscocisco_iosMatch3.2.3sgxe
ORciscocisco_iosMatch3.2.4sgxe
ORciscocisco_iosMatch3.2.5sgxe
ORciscocisco_iosMatch3.2.6sgxe
ORciscocisco_iosMatch3.2.7sgxe
ORciscocisco_iosMatch3.2.8sgxe
ORciscocisco_iosMatch3.2.9sgxe
ORciscocisco_iosMatch3.7.0sxe
ORciscocisco_iosMatch3.7.1sxe
ORciscocisco_iosMatch3.7.2sxe
ORciscocisco_iosMatch3.7.3sxe
ORciscocisco_iosMatch3.7.4sxe
ORciscocisco_iosMatch3.7.5sxe
ORciscocisco_iosMatch3.7.6sxe
ORciscocisco_iosMatch3.7.7sxe
ORciscocisco_iosMatch3.3.0sgxe
ORciscocisco_iosMatch3.3.2sgxe
ORciscocisco_iosMatch3.3.1sgxe
ORciscocisco_iosMatch3.8.0sxe
ORciscocisco_iosMatch3.8.1sxe
ORciscocisco_iosMatch3.8.2sxe
ORciscocisco_iosMatch3.9.1sxe
ORciscocisco_iosMatch3.9.0sxe
ORciscocisco_iosMatch3.9.2sxe
ORciscocisco_iosMatch3.2.0sexe
ORciscocisco_iosMatch3.2.1sexe
ORciscocisco_iosMatch3.2.2sexe
ORciscocisco_iosMatch3.2.3sexe
ORciscocisco_iosMatch3.3.0sexe
ORciscocisco_iosMatch3.3.1sexe
ORciscocisco_iosMatch3.3.2sexe
ORciscocisco_iosMatch3.3.3sexe
ORciscocisco_iosMatch3.3.4sexe
ORciscocisco_iosMatch3.3.5sexe
ORciscocisco_iosMatch3.3.0xoxe
ORciscocisco_iosMatch3.3.1xoxe
ORciscocisco_iosMatch3.3.2xoxe
ORciscocisco_iosMatch3.4.0sgxe
ORciscocisco_iosMatch3.4.2sgxe
ORciscocisco_iosMatch3.4.1sgxe
ORciscocisco_iosMatch3.4.3sgxe
ORciscocisco_iosMatch3.4.4sgxe
ORciscocisco_iosMatch3.4.5sgxe
ORciscocisco_iosMatch3.5.0exe
ORciscocisco_iosMatch3.5.1exe
ORciscocisco_iosMatch3.5.2exe
ORciscocisco_iosMatch3.5.3exe
ORciscocisco_iosMatch3.10.0sxe
ORciscocisco_iosMatch3.10.1sxe
ORciscocisco_iosMatch3.10.2sxe
ORciscocisco_iosMatch3.10.0asxe
ORciscocisco_iosMatch3.10.3sxe
ORciscocisco_iosMatch3.10.4sxe
ORciscocisco_iosMatch3.10.5sxe
ORciscocisco_iosMatch3.10.6sxe
ORciscocisco_iosMatch3.11.1sxe
ORciscocisco_iosMatch3.11.2sxe
ORciscocisco_iosMatch3.11.0sxe
ORciscocisco_iosMatch3.11.3sxe
ORciscocisco_iosMatch3.11.4sxe
ORciscocisco_iosMatch3.12.0sxe
ORciscocisco_iosMatch3.12.1sxe
ORciscocisco_iosMatch3.12.2sxe
ORciscocisco_iosMatch3.12.3sxe
ORciscocisco_iosMatch3.13.0sxe
ORciscocisco_iosMatch3.13.1sxe
ORciscocisco_iosMatch3.13.2sxe
ORciscocisco_iosMatch3.6.0exe
ORciscocisco_iosMatch3.6.1exe
ORciscocisco_iosMatch3.14.0sxe
ORciscocisco_iosMatch3.14.1sxe
ORciscocisco_iosMatch3.14.2sxe
ORciscocisco_iosMatch3.14.3sxe
ORciscocisco_iosMatch3.14.4sxe
ORciscocisco_iosMatch3.15.0sxe
ORciscocisco_iosMatch3.3.0sqxe
ORciscocisco_iosMatch3.3.1sqxe
ORciscocisco_iosMatch3.4.0sqxe
ORciscocisco_iosMatch3.4.1sqxe
ORciscocisco_iosMatch3.7.0exe
ORciscocisco_iosMatchanyxe
ORciscovideo_surveillance_media_serverMatchany
ORciscodigital_media_managerMatchany
ORciscoip_interoperability_and_collaboration_systemMatchany
ORcisconetwork_analysis_module_softwareMatchany
ORciscoironport_encryption_applianceMatchany
ORcisconetwork_admission_controlMatchany
ORciscotelepresence_mxp_softwareMatchany
ORciscoshow_and_shareMatchany
ORciscoidentity_services_engine_softwareMatchany
ORciscotelepresence_video_communication_serverMatchany
ORciscoweb_security_virtual_applianceMatch1000v_series_switches
ORciscotelepresence_managerMatchany
ORciscoasa_cx_context-aware_security_softwareMatchany
ORciscoprime_security_managerMatchany
ORciscoprime_data_center_network_managerMatchany
ORciscoprime_lan_management_solutionMatchany
ORciscoprime_collaborationMatchany
ORciscoprime_infrastructureMatchany
ORciscoconnected_grid_network_management_systemMatchany
ORciscowebex_meetings_serverMatchany
ORciscowebex_node_for_mcsMatchany
ORciscounified_computing_system_central_softwareMatchany
ORciscoenterprise_content_delivery_systemMatchany
ORciscotelepresence_tc_softwareMatchany
ORciscotelepresence_te_softwareMatchany
ORciscovirtualization_experience_client_6000Match6000_series_firmware
ORciscofinesseMatchany
ORciscosocialminerMatchany
ORciscomediasenseMatchany
ORciscounified_sip_proxyMatchany
ORciscocisco_mxeMatch3500_\(media_experience_engine\)
ORciscoucs_directorMatchany
ORciscodigital_content_managerMatchany
ORciscounified_intelligence_centerMatchany
ORciscoprime_service_catalogMatchany
ORcisconexus_1000vMatch1000v_switchnexus_1000v
ORciscoapplication_policy_infrastructure_controller_\(apic\)Matchany
ORciscoexpresswayMatchany
ORciscoedge_340_firmwareMatch300_series
ORciscojabber_guestMatchany
ORciscodesktop_collaboration_experienceMatchany
ORciscounified_computing_system_softwareMatchany
ORciscoprime_license_managerMatchany
ORciscoprime_collaboration_deploymentMatchany
ORciscotelepresence_isdn_gw_3241Matchany
ORciscotelepresence_conductorMatchany
ORciscomodular_encoding_platform_d9036_softwareMatchany
ORciscofirepower_system_softwareMatchany
ORciscovideoscape_policy_resource_managerMatchany
ORciscoprime_collaboration_assuranceMatchany
ORciscovirtual_topology_systemMatchany
ORcisconexus_1000vMatch3000_series_switchnexus_1000v
ORciscocisco_policy_suiteMatchany
ORciscohosted_collaboration_mediation_fulfillmentMatchany
ORciscocloud_services_platform_2100Match2100
Related
openvas
openvas
freebsd
freebsd
ntp -- multiple vulnerabilities
2016-01-20 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-16:09.ntp
2016-01-27 00:00:00
nessus
nessus
SUSE SLES11 Security Update : ntp (SUSE-SU-2016:1175-1)
2016-05-02 00:00:00
mageia
mageia
Updated ntp packages fix security vulnerability
2016-01-29 14:02:50
paloalto
paloalto
NTP Vulnerabilities
2016-08-15 00:00:00
suse
suse
Security update for ntp (important)
2016-04-28 19:09:34
Security update for ntp (important)
2016-05-12 21:07:47
Security update for ntp (important)
2016-04-28 19:13:09
slackware
slackware
[slackware-security] ntp
2016-02-23 19:51:20
symantec
symantec
SA113 : January 2016 NTP Security Vulnerabilities
2016-03-03 08:00:00
aix
aix
Vulnerabilities in NTP affect AIX,Vulnerabilities in NTP affect VIOS
2016-06-08 13:17:48
fedora
fedora
[SECURITY] Fedora 23 Update: ntp-4.2.6p5-36.fc23
2016-01-30 18:28:19
[SECURITY] Fedora 22 Update: ntp-4.2.6p5-36.fc22
2016-02-21 02:33:52
amazon
amazon
Important: ntp
2016-02-09 13:30:00
ibm
ibm
cert
cert
NTP.org ntpd contains multiple vulnerabilities
2016-04-27 00:00:00
ubuntu
ubuntu
NTP vulnerabilities
2016-10-05 00:00:00
debian
debian
[SECURITY] [DLA 559-1] ntp security update
2016-07-25 21:37:14
[SECURITY] [DSA 3629-1] ntp security update
2016-07-25 21:15:32
cloudfoundry
cloudfoundry
USN-3096-1: NTP vulnerabilities | Cloud Foundry
2016-12-21 00:00:00
osv
osv
ntp - security update
2016-07-25 00:00:00
ntp - security update
2016-07-25 00:00:00
ubuntucve
ubuntucve
f5
f5
SOL06288381 - NTP vulnerabilities CVE-2015-7977 and CVE-2015-7978
2016-02-22 00:00:00
K00329831 : NTP vulnerabilities CVE-2015-8139 and CVE-2015-8140
2016-02-29 00:00:00
K06288381 : NTP vulnerabilities CVE-2015-7977 and CVE-2015-7978
2016-02-22 00:00:00
talos
talos
rosalinux
rosalinux
Advisory ROSA-SA-2021-1932
2021-07-02 17:35:16
ics
ics
Siemens TIM 4R-IE Devices
2021-04-13 12:00:00
seebug
seebug
centos
centos
ntp, ntpdate, sntp security update
2016-11-25 16:00:55
ntp, ntpdate, sntp security update
2016-01-25 14:27:37
redhat
redhat
(RHSA-2016:2583) Moderate: ntp security and bug fix update
2016-11-03 06:07:15
(RHSA-2016:0063) Important: ntp security update
2016-01-25 00:00:00
prion
prion
Design/Logic Flaw
2017-01-30 21:59:00
Design/Logic Flaw
2017-01-30 21:59:00
Code injection
2017-01-30 21:59:00
cvelist
cvelist
oraclelinux
oraclelinux
ntp security and bug fix update
2016-11-09 00:00:00
ntp security update
2016-01-25 00:00:00
gentoo
gentoo
NTP: Multiple vulnerabilities
2016-07-20 00:00:00
cve
cve
debiancve
debiancve
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:29:37
Denial Of Service (DoS)
2019-05-02 05:29:37
Denial Of Service (DoS)
2019-01-15 09:11:41
nvd
nvd
5.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
7.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
0.097 Low
EPSS
Percentile
94.8%
Related for CISCO-SA-20160127-NTPD