Preview Tool

Cisco Bug: CSCus26956 - December 2014 - Vulnerabilities

Last Modified

Jul 21, 2018

Products (1)

  • Cisco Carrier Routing System

Known Affected Releases

3.9.0.BASE 4.1.0.BASE 4.2.0.BASE 4.3.0.BASE 4.4.0.BASE 5.1.0.BASE 5.2.0.BASE 5.3.0.BASE

Description (partial)

The following Cisco products

Cisco IOS XR Software running on:

CSCus26956 impacts all releases prior to XR 5.3.1.

include a version of NTPd that is affected by the vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs:

CVE-2014-9293, CVE-2014-9294, CVE-2014-9295 and CVE-2014-9296

This bug has been opened to address the potential impact on this product.

Please consult for further information.

Ntpd service runs by default on router.  All nodes in system sync to local clock of DLRSC node.

To configure ntp to sync to external server config cli is :: 
ntp server <IP>
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.