BSA-2017-267

Brocade Fabric OS

2 more products

21424

02 May 2017

02 May 2017

Closed

Low

1.0

N/A

CVE-2016-0727

Summary

Security Advisory ID : BSA-2017-267

Component : NTP

Revision : 1.0: Interim

The cronjob script bundled with ntp package is intended to perform cleanup on statistics files produced by NTP daemon running with statistics enabled. The script is run as root during the daily cronjobs all operations on the ntp-user controlled statistics directory without switching to user ntp. Thus all steps are performed with root permissions in place.

Affected Products

Product Current Assessment
Brocade Virtual Traffic Manager Impacted - Appliance fixed in 17.1, 10.4r1, 9.9r2, and later.

Products Confirmed Not Vulnerable

Brocade Fabric OS, Brocade FastIron OS, Brocade NetIron OS, Network OS, Brocade ServerIron ADX, Brocade Services Director, Brocade SLX-OS, Brocade Virtual ADX, Brocade Virtual Traffic Manager: Software, and Brocade Virtual Web Application Firewall are confirmed not affected by this vulnerability.

Workaround

There are no workarounds that address this vulnerability.

Revision History

Version Change Date
1.0 Initial Publication May 2, 2017