BSA-2017-257
Summary
Security Advisory ID : BSA-2017-257
Component : NTP
Revision : 1.0: Interim
It was discovered that ntpd as a client did not correctly check the originate timestamp in received packets. A remote attacker could use this flaw to send a crafted packet to an ntpd client that would effectively disable synchronization with the server, or push arbitrary offset/delay measurements to modify the time on the client.
Affected Products
Product | Current Assessment |
---|---|
Brocade NetIron OS | Impacted: Fixed in 6.1. |
Brocade FastIron OS | Impacted: Fixed in 08.0.50. |
Products Confirmed Not Vulnerable
Brocade Fabric OS, Brocade Network Advisor, Brocade Network OS, Brocade ServerIron ADX, Brocade SLX-OS, and Brocade Virtual ADX are confirmed not affected by this vulnerability.
Workaround
There are no workarounds that address this vulnerability.
Revision History
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | May 2, 2017 |