Boletines de Vulnerabilidades

IBM NTP vulnerabilities affect IBM SmartCloud Entry (CVE-2014-9297 CVE-2014-9298 CVE-2015-1798 CVE-2015-1799 CVE-2015-3405)

Información sobre el sistema
   
Software afectado IBM

Descripción
IBM SmartCloud Entry is vulnerable to several Network Time Protocol (NTP) Project NTP daemon (ntpd) vulnerabilities, which allow remote attackers exploit obtain sensetive information or cause a denial of service. CVE(s): CVE-2014-9297, CVE-2014-9298, CVE-2015-1798, CVE-2015-1799 and CVE-2015-3405 Affected product(s) and affected version(s): IBM SmartCloud Entry 2.2.0 through 2.2.0.3 Appliance fix pack 2 IBM SmartCloud Entry 2.3.0 through 2.3.0.3 Appliance fix pack 2 IBM SmartCloud

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_ntp_vulnerabilities_affect_ibm_smartcloud_entry_cve_2014_9297_cve_2014_9298_cve_2015_1798_cve_2015_1799_cve_2015_3405?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2014-9297 ,CVE-2014-9298 ,CVE-2015-1798 ,CVE-2015-1799 ,CVE-2015-3405 ,CVE-2014-3565 and CVE-2013-7424.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2015-10-28

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT