Boletines de Vulnerabilidades

Multiple Vulnerabilities in ntpd (April 2015) Affecting Cisco Products

Información sobre el sistema
   
Software afectado Cisco

Descripción
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to bypass authentication controls or to create a denial of service (DoS) condition.On April 7, 2015, NTP.org and US-CERT released a security advisory dealing with two issues regarding bypass of authentication controls. These vulnerabilities are referenced in this document as follows: CVE-2015-1798: NTP

More info:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-ntpd?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Multiple%20Vulnerabilities%20in%20ntpd%20(April%202015)%20Affecting%20Cisco%2

Identificadores estándar
Propiedad Valor
CVE CVE-2015-1798 and CVE-2015-1799.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2015-04-09

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT