BSA-2017-267
Summary
Security Advisory ID : BSA-2017-267
Component : NTP
Revision : 1.0: Interim
The cronjob script bundled with ntp package is intended to perform cleanup on statistics files produced by NTP daemon running with statistics enabled. The script is run as root during the daily cronjobs all operations on the ntp-user controlled statistics directory without switching to user ntp. Thus all steps are performed with root permissions in place.
Affected Products
Product | Current Assessment |
Brocade Virtual Traffic Manager | Impacted - Appliance fixed in 17.1, 10.4r1, 9.9r2, and later. |
Products Confirmed Not Vulnerable
Brocade Fabric OS, Brocade FastIron OS, Brocade NetIron OS, Network OS, Brocade ServerIron ADX, Brocade Services Director, Brocade SLX-OS, Brocade Virtual ADX, Brocade Virtual Traffic Manager: Software, and Brocade Virtual Web Application Firewall are confirmed not affected by this vulnerability.
Workaround
There are no workarounds that address this vulnerability.
Revision History
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | May 2, 2017 |