Guest

Preview Tool

Cisco Bug: CSCus88292 - February 2015 - NTPd.org Vulnerabilities

Last Modified

Jan 29, 2016

Products (1)

  • Cisco Jabber Guest

Known Affected Releases

10.0(2) 10.5(3)

Description (partial)

Symptom:
Cisco Jabber Guest includes a version of ntpd that is affected by the vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs: 

CVE-2014-9297, CVE-2014-9298

This product has been confirmed vulenrable to CVE-2014-9298 but is not affected by CVE-2014-9297

Additional information is available at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd

Conditions:
Device configured with IPv6.  Customers have terminal access to the underlying CentOS 6 machine and could thus enable IPv6 on interfaces. However, the actual product code for
Jabber Guest doesn't modify these settings.  Jabber Guest does also not support having IPv6 configured on its network interfaces.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.