it.ucsf.edu

Security Update:Multiple Vulnerabilities in Various Cisco Products Network Time Protocol Daemon (NTPd) Package

Status Type

Security Update

Date and Time

Thursday, January 28, 2016 - 15:44

Reason

Security Update

Impact

Various Cisco Products

 

WHAT HAPPENED?
Cisco released security updates for various products to address a vulnerability in the Network Time Protocol daemon (NTPd) package.

Advanced Users: For a complete description of the vulnerability visit Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016 at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cis....


AFFECTED VERSIONS:

  • Various Cisco Products

Refer to Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016 at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cis... for a list of vulnerable devices or devices currently under investigation.



WHAT'S THE PROBLEM?
Exploitation of one of these vulnerabilities could allow an attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (NTP) server.


WHAT DO I NEED TO DO?
Upgrade your software

1. Updates or workarounds may be obtained through Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016 at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cis....


RELATED LINKS