BSA-2017-218
21531
31 March 2017
31 March 2017
Closed
Medium
5.9
N/A
CVE-2016-9311
Summary
Security Advisory ID : BSA-2017-218
Component : ntp
Revision : 1.0: Interim
tpd does not enable trap service by default. If trap service has been explicitly enabled, an attacker can send a specially crafted packet to cause a null pointer dereference that will crash ntpd, resulting in a denial of service.
Affected Products
Product | Current Assessment |
---|---|
Brocade 5400 vRouter | Impacted: Fixed in 17.1.0. |
Brocade 5600 vRouter | Impacted: Fixed in 17.1.0. |
Brocade Services Director | Impacted: Fixed in 17.1 and later. |
Products Confirmed Not Vulnerable
Brocade Fabric OS, Brocade FastIron OS, Brocade NetIron OS, Brocade Network Advisor, Brocade Network OS, Brocade SDN Controller, Brocade ServerIron ADX, Brocade SLX-OS, Brocade Virtual ADX, BrocadeVirtual Traffic Manager: Software, Brocade Virtual Web Application Firewall and Brocade Workflow Composer are confirmed not affected by this vulnerability.
Workaround
There are no workarounds that address this vulnerability.
Revision History
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | March 31, 2017 |