ID

VAR-201412-0615

CVE

CVE-2014-9293

TITLE

NTP Project Network Time Protocol daemon (ntpd) contains multiple vulnerabilities (Updated)

DESCRIPTION

The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. The NTP Project ntpd version 4.2.7 and pervious versions contain several vulnerabilities. ntp-keygen prior to version 4.2.7p230 also uses a non-cryptographic random number generator when generating symmetric keys. These vulnerabilities may affect ntpd acting as a server or client. Supplementary information : CWE Vulnerability types by CWE-332: Insufficient Entropy in PRNG (PRNG Insufficient entropy in ) Has been identified. http://cwe.mitre.org/data/definitions/332.htmlBrute force attack by a third party (Brute force attack) Could be used to break cryptographic protection mechanisms. NTP is prone to a security weakness. An attacker can exploit this issue to guess the generated key, and possibly use it to send an ntpdc query or configuration requests. Network Time Protocol is prone to an unspecified security vulnerability. Little is known about this issue or its effects at this time. We will update this BID as more information emerges. Network Time Protocol 4.2.7 is vulnerable; other versions may also be affected. Corrected: 2014-14-22 19:07:16 UTC (stable/10, 10.1-STABLE) 2014-12-23 22:56:01 UTC (releng/10.1, 10.1-RELEASE-p3) 2014-12-23 22:55:14 UTC (releng/10.0, 10.0-RELEASE-p15) 2014-14-22 19:08:09 UTC (stable/9, 9.3-STABLE) 2014-12-23 22:54:25 UTC (releng/9.3, 9.3-RELEASE-p7) 2014-12-23 22:53:44 UTC (releng/9.2, 9.2-RELEASE-p17) 2014-12-23 22:53:03 UTC (releng/9.1, 9.1-RELEASE-p24) 2014-14-22 19:08:09 UTC (stable/8, 8.4-STABLE) 2014-12-23 22:52:22 UTC (releng/8.4, 8.4-RELEASE-p21) CVE Name: CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:https://security.FreeBSD.org/>. II. [CVE-2014-9293] The ntp-keygen(8) utility is also affected by a similar issue. [CVE-2014-9294] When Autokey Authentication is enabled, for example if ntp.conf(5) contains a 'crypto pw' directive, a remote attacker can send a carefully crafted packet that can overflow a stack buffer. [CVE-2014-9296] III. Impact The NTP protocol uses keys to implement authentication. The weak seeding of the pseudo-random number generator makes it easier for an attacker to brute-force keys, and thus may broadcast incorrect time stamps or masquerade as another time server. [CVE-2014-9295] IV. Workaround No workaround is available, but systems not running ntpd(8) are not affected. Because the issue may lead to remote root compromise, the FreeBSD Security Team recommends system administrators to firewall NTP ports, namely tcp/123 and udp/123 when it is not clear that all systems have been patched or have ntpd(8) stopped. V. Perform one of the following: 1) Upgrade your vulnerable system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date. 2) To update your vulnerable system via a binary patch: Systems running a RELEASE version of FreeBSD on the i386 or amd64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install 3) To update your vulnerable system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/SA-14:31/ntp.patch # fetch https://security.FreeBSD.org/patches/SA-14:31/ntp.patch.asc # gpg --verify ntp.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile the operating system using buildworld and installworld as described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>. Restart the ntpd(8) daemons, or reboot the system. VI. Correction details The following list contains the correction revision numbers for each affected branch. Branch/path Revision - ------------------------------------------------------------------------- stable/8/ r276073 releng/8.4/ r276154 stable/9/ r276073 releng/9.1/ r276155 releng/9.2/ r276156 releng/9.3/ r276157 stable/10/ r276072 releng/10.0/ r276158 releng/10.1/ r276159 - ------------------------------------------------------------------------- To see which files were modified by a particular revision, run the following command, replacing NNNNNN with the revision number, on a machine with Subversion installed: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: <URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> VII. This situation may be exploitable by an attacker (CVE-2014-9296). _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296 http://advisories.mageia.org/MGASA-2014-0541.html _______________________________________________________________________ Updated Packages: Mandriva Business Server 1/X86_64: 25fe56fc0649ac9bb83be467969c2380 mbs1/x86_64/ntp-4.2.6p5-8.1.mbs1.x86_64.rpm 9409f5337bc2a2682e09db81e769cd5c mbs1/x86_64/ntp-client-4.2.6p5-8.1.mbs1.x86_64.rpm df65cc9c536cdd461e1ef95318ab0d3b mbs1/x86_64/ntp-doc-4.2.6p5-8.1.mbs1.x86_64.rpm 53f446bffdf6e87726a9772e946c5e34 mbs1/SRPMS/ntp-4.2.6p5-8.1.mbs1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_n a-c04916783 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04916783 Version: 1 HPSBHF03432 rev.1 - HPE Networking Comware 5, Comware 5 Low Encryption SW, Comware 7, VCX Using NTP, Remote Access Restriction Bypass and Code Execution NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2015-12-09 Last Updated: 2015-12-09 Potential Security Impact: Remote Access Restriction Bypass, Code Execution Source: Hewlett Packard Enterprise, Product Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HPE Networking Comware 5, Comware 5, Low Encryption SW, Comware 7, and VCX, Using NTP. The vulnerabilities could be remotely exploited resulting in resulting in remote access restriction bypass and code execution. References: SSRT101878 CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. See the RESOLUTION section for a list of impacted hardware and Comware 5, Comware 5 Low Encryption SW, Comware 7, and VCX versions. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2014-9293 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9294 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2014-9295 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION Hewlett Packard Enterprise has provided updated Comware 5, Comware 5 Low Encryption SW, Comware 7 and VCX to address this on Impacted Hewlett Packard Enterprise products. Family Fixed Version HP Branded Products Impacted H3C Branded Products Impacted CVE # 8800 (Comware 5) R3627P04 JC137A HP 8805/8808/8812 (2E) Main Control Unit Module, JC138A HP 8805/8808/8812 (1E) Main Control Unit Module, JC141A HP 8802 Main Control Unit Module, JC147A HP 8802 Router Chassis, JC147B HP 8802 Router Chassis, JC148A HP 8805 Router Chassis, JC148B HP 8805 Router Chassis, JC149A HP 8808 Router Chassis, JC149B HP 8808 Router Chassis, JC150A HP 8812 Router Chassis, JC150B HP 8812 Router Chassis, JC596A HP 8800 Dual Fabric Main Processing Unit, JC597A HP 8800 Single Fabric Main Processing Unit CVE-2014-9295 A6600 (Comware 5) R3303P18 JC165A HP 6600 RPE-X1 Router Module, JC177A HP 6608 Router, JC177B HP 6608 Router Chassis, JC178A HP 6604 Router Chassis, JC178B HP 6604 Router Chassis, JC496A HP 6616 Router Chassis, JC566A HP 6600 RSE-X1 Router Main Processing Unit, JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit, JG781A HP 6600 RPE-X1 TAA-compliant Main Processing Unit CVE-2014-9295 HSR6602 (Comware 5) R3303P18 JC176A HP 6602 Router Chassis, JG353A HP HSR6602-G Router, JG354A HP HSR6602-XG Router, JG355A HP 6600 MCP-X1 Router Main Processing Unit, JG356A HP 6600 MCP-X2 Router Main Processing Unit, JG776A HP HSR6602-G TAA-compliant Router, JG777A HP HSR6602-XG TAA-compliant Router, JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit CVE-2014-9295 HSR6800 (Comware 5) R3303P18 JG361A HP HSR6802 Router Chassis, JG362A HP HSR6804 Router Chassis, JG363A HP HSR6808 Router Chassis, JG364A HP HSR6800 RSE-X2 Router Main Processing Unit, JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit CVE-2014-9295 MSR20 (Comware 5) R2513P45 JD432A HP A-MSR20-21 Router, JD662A HP MSR20-20 Router, JD663A HP A-MSR20-21 Router, JD663B HP MSR20-21 Router, JD664A HP MSR20-40 Router, JF228A HP MSR20-40 Router, JF283A HP MSR20-20 Router CVE-2014-9295 MSR20-1X (Comware 5) R2513P45 JD431A HP MSR20-10 Router, JD667A HP MSR20-15 IW Multi-Service Router, JD668A HP MSR20-13 Multi-Service Router, JD669A HP MSR20-13 W Multi-Service Router, JD670A HP MSR20-15 A Multi-Service Router, JD671A HP MSR20-15 AW Multi-Service Router, JD672A HP MSR20-15 I Multi-Service Router, JD673A HP MSR20-11 Multi-Service Router, JD674A HP MSR20-12 Multi-Service Router, JD675A HP MSR20-12 W Multi-Service Router, JD676A HP MSR20-12 T1 Multi-Service Router, JF236A HP MSR20-15-I Router, JF237A HP MSR20-15-A Router, JF238A HP MSR20-15-I-W Router, JF239A HP MSR20-11 Router, JF240A HP MSR20-13 Router, JF241A HP MSR20-12 Router, JF806A HP MSR20-12-T Router, JF807A HP MSR20-12-W Router, JF808A HP MSR20-13-W Router, JF809A HP MSR20-15-A-W Router, JF817A HP MSR20-15 Router, JG209A HP MSR20-12-T-W Router (NA), JG210A HP MSR20-13-W Router (NA) H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1, H3C RT-MSR2015-AC-OVS-AW-H3 (0235A393), H3C RT-MSR2015-AC-OVS-I-H3 (0235A394), H3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V), H3C MSR 20-11 (0235A31V), H3C MSR 20-12 (0235A32E), H3C MSR 20-12 T1 (0235A32B), H3C MSR 20-13 (0235A31W), H3C MSR 20-13 W (0235A31X), H3C MSR 20-15 A (0235A31Q), H3C MSR 20-15 A W (0235A31R), H3C MSR 20-15 I (0235A31N), H3C MSR 20-15 IW (0235A31P), H3C MSR20-12 W (0235A32G) CVE-2014-9295 MSR 30 (Comware 5) R2513P45 JD654A HP MSR30-60 POE Multi-Service Router, JD657A HP MSR30-40 Multi-Service Router, JD658A HP MSR30-60 Multi-Service Router, JD660A HP MSR30-20 POE Multi-Service Router, JD661A HP MSR30-40 POE Multi-Service Router, JD666A HP MSR30-20 Multi-Service Router, JF229A HP MSR30-40 Router, JF230A HP MSR30-60 Router, JF232A HP RTMSR3040-AC-OVSAS-H3, JF235A HP MSR30-20 DC Router, JF284A HP MSR30-20 Router, JF287A HP MSR30-40 DC Router, JF801A HP MSR30-60 DC Router, JF802A HP MSR30-20 PoE Router, JF803A HP MSR30-40 PoE Router, JF804A HP MSR30-60 PoE Router H3C MSR 30-20 Router (0235A328), H3C MSR 30-40 Router Host(DC) (0235A268), H3C RT-MSR3020-AC-POE-OVS-H3 (0235A322), H3C RT-MSR3020-DC-OVS-H3 (0235A267), H3C RT-MSR3040-AC-OVS-H (0235A299), H3C RT-MSR3040-AC-POE-OVS-H3 (0235A323), H3C RT-MSR3060-AC-OVS-H3 (0235A320), H3C RT-MSR3060-AC-POE-OVS-H3 (0235A296), H3C RT-MSR3060-DC-OVS-H3 (0235A269), H3C MSR 30-20 RTVZ33020AS Router Host(AC) (0235A20S), H3C MSR 30-20 (0235A19L), H3C MSR 30-20 POE (0235A239), H3C MSR 30-40 (0235A20J), H3C MSR 30-40 POE (0235A25R), H3C MSR 30-60 (0235A20K), H3C MSR 30-60 POE (0235A25S), H3C RT-MSR3040-AC-OVS-AS-H3 (0235A20V) CVE-2014-9295 MSR 30-16 (Comware 5) R2513P45 JD659A HP MSR30-16 POE Multi-Service Router, JD665A HP MSR30-16 Multi-Service Router, JF233A HP MSR30-16 Router, JF234A HP MSR30-16 PoE Router, H3C RT-MSR3016-AC-OVS-H3 (0235A327), H3C RT-MSR3016-AC-POE-OVS-H3 (0235A321), H3C MSR 30-16 (0235A237), H3C MSR 30-16 POE (0235A238) CVE-2014-9295 MSR 30-1X (Comware 5) R2513P45 JF800A HP MSR30-11 Router, JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr, JG182A HP MSR30-11E Router, JG183A HP MSR30-11F Router, JG184A HP MSR30-10 DC Router 2FE 2SIC 1XMIM 256DDR (0235A39H), H3C RT-MSR3011-AC-OVS-H3 (0235A29L) CVE-2014-9295 MSR 50 (Comware 5) R2513P45 JD433A HP MSR50-40 Router, JD653A HP MSR50 Processor Module, JD655A HP MSR50-40 Multi-Service Router, JD656A HP MSR50-60 Multi-Service Router, JF231A HP MSR50-60 Router, JF285A HP MSR50-40 DC Router, JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply H3C MSR 50-40 Router (0235A297), H3C MSR5040-DCOVS-H3C (0235A20P), H3C RT-MSR5060-AC-OVS-H3 (0235A298), H3C MSR 50-40 Chassis (0235A20N), H3C MSR 50-60 Chassis (0235A20L) CVE-2014-9295 MSR 50-G2 (Comware 5) R2513P45 JD429A HP MSR50 G2 Processor Module, JD429B HP MSR50 G2 Processor Module H3C H3C MSR 50 Processor Module-G2 (0231A84Q), H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD (0231A0KL) CVE-2014-9295 MSR 9XX (Comware 5) R2513P45 JF812A HP MSR900 Router, JF813A HP MSR920 Router, JF814A HP MSR900-W Router, JF815A HP MSR920 2FEWAN/8FELAN/.11 b/g Rtr, JG207A HP MSR900-W Router (NA), JG208A HP MSR920-W Router (NA) H3C MSR 900 Router with 802.11b/g 2 FE WAN 4 FE LAN 256DDR 802.11b (0235A0C2), H3C MSR 900 Router 2 FE WAN 4 FE LAN 256DDR (0235A0BX), H3C MSR 920 Router with 802.11b/g 2 FE WAN 8 FE LAN 256DDR (0235A0C4), H3C MSR 920 Router 2 FE WAN 8 FE LAN 256DDR (0235A0C0) CVE-2014-9295 MSR 93X (Comware 5) R2513P45 JG512A HP MSR930 Wireless Router, JG513A HP MSR930 3G Router, JG514A HP MSR931 Router, JG515A HP MSR931 3G Router, JG516A HP MSR933 Router, JG517A HP MSR933 3G Router, JG518A HP MSR935 Router, JG519A HP MSR935 Wireless Router, JG520A HP MSR935 3G Router, JG531A HP MSR931 Dual 3G Router, JG596A HP MSR930 4G LTE/3G CDMA Router, JG597A HP MSR936 Wireless Router, JG665A HP MSR930 4G LTE/3G WCDMA Global Router, JG704A HP MSR930 4G LTE/3G WCDMA ATT Router N/A CVE-2014-9295 MSR1000 (Comware 5) R2513P45 JG732A HP MSR1003-8 AC Router N/A CVE-2014-9295 MSR20 (Comware 5 - Low Encryption SW) R2513L61 JD663B HP MSR20-21 Router, JF228A HP MSR20-40 Router, JF283A HP MSR20-20 Router H3C RT-MSR2020-AC-OVS-H3C (0235A324), H3C RT-MSR2040-AC-OVS-H3 (0235A326) CVE-2014-9295 MSR20-1X (Comware 5 - Low Encryption SW) R2513L61 JD431A HP MSR20-10 Router, JF236A HP MSR20-15-I Router, JF237A HP MSR20-15-A Router, JF238A HP MSR20-15-I-W Router, JF239A HP MSR20-11 Router, JF240A HP MSR20-13 Router, JF241A HP MSR20-12 Router, JF806A HP MSR20-12-T Router, JF807A HP MSR20-12-W Router, JF808A HP MSR20-13-W Router, JF809A HP MSR20-15-A-W Router, JF817A HP MSR20-15 Router H3C MSR 20-10 (0235A0A7), H3C RT-MSR2015-AC-OVS-I-H3 (0235A394), H3C RT-MSR2015-AC-OVS-A-H3 (0235A392), H3C RT-MSR2015-AC-OVS-AW-H3 (0235A393), H3C RT-MSR2011-AC-OVS-H3 (0235A395), H3C RT-MSR2013-AC-OVS-H3 (0235A390), H3C RT-MSR2012-AC-OVS-H3 (0235A396), H3C RT-MSR2012-TAC-OVS-H3 (0235A398), H3C RT-MSR2012-AC-OVS-W-H3 (0235A397), H3C RT-MSR2013-AC-OVS-W-H3 (0235A391), H3C RT-MSR2015-AC-OVS-IW-H3 (0235A38V), H3C MSR 20-15 Router Host(AC) 1 FE 4 LSW 1 ADSLoPOTS 1 DSIC (0235A0A8) CVE-2014-9295 MSR30 (Comware 5 - Low Encryption SW) R2513L61 JF229A HP MSR30-40 Router, JF230A HP MSR30-60 Router, JF235A HP MSR30-20 DC Router, JF284A HP MSR30-20 Router, JF287A HP MSR30-40 DC Router, JF801A HP MSR30-60 DC Router, JF802A HP MSR30-20 PoE Router, JF803A HP MSR30-40 PoE Router, JF804A HP MSR30-60 PoE Router H3C RT-MSR3040-AC-OVS-H (0235A299), H3C RT-MSR3060-AC-OVS-H3 (0235A320), H3C RT-MSR3020-DC-OVS-H3 (0235A267), H3C MSR 30-20 Router (0235A328), H3C MSR 30-40 Router Host(DC) (0235A268), H3C RT-MSR3060-DC-OVS-H3 (0235A269), H3C RT-MSR3020-AC-POE-OVS-H3 (0235A322), H3C RT-MSR3040-AC-POE-OVS-H3 (0235A323), H3C RT-MSR3060-AC-POE-OVS-H3 (0235A296) CVE-2014-9295 MSR30-16 (Comware 5 - Low Encryption SW) R2513L61 JF233A HP MSR30-16 Router, JF234A HP MSR30-16 PoE Router H3C RT-MSR3016-AC-OVS-H3 (0235A327), H3C RT-MSR3016-AC-POE-OVS-H3 (0235A321) CVE-2014-9295 MSR30-1X (Comware 5 - Low Encryption SW) R2513L61 JF800A HP MSR30-11 Router, JF816A HP MSR30-10 2 FE /2 SIC /1 MIM MS Rtr, JG182A HP MSR30-11E Router, JG183A HP MSR30-11F Router, JG184A HP MSR30-10 DC Router H3C RT-MSR3011-AC-OVS-H3 (0235A29L), H3C MSR 30-10 Router Host(AC) 2FE 2SIC 1XMIM 256DDR (0235A39H) CVE-2014-9295 MSR50 (Comware 5 - Low Encryption SW) R2513L61 JD433A HP MSR50-40 Router, JD653A HP MSR50Processor Module, JD655A HP MSR50-40 Multi-Service Router, JD656A HP MSR50-60 Multi-Service Router, JF231A HP MSR50-60 Router, JF285A HP MSR50-40 DC Router, JF640A HP MSR50-60 Rtr Chassis w DC PwrSupply H3C MSR 50-40 Router (0235A297), H3C MSR 50 Processor Module (0231A791), H3C MSR 50-40 Chassis (0235A20N), H3C MSR 50-60 Chassis (0235A20L), H3C RT-MSR5060-AC-OVS-H3 (0235A298), H3C MSR5040-DCOVS-H3C (0235A20P) CVE-2014-9295 MSR50 G2 (Comware 5 - Low Encryption SW) R2513L61 JD429B HP MSR50 G2 Processor Module H3C MSR 50 High Performance Main Processing Unit 3GE (Combo) 256F/1GD (0231A0KL) CVE-2014-9295 12500 (Comware 5) R1828P06 JC085A HP A12518 Switch Chassis, JC086A HP A12508 Switch Chassis, JC652A HP 12508 DC Switch Chassis, JC653A HP 12518 DC Switch Chassis, JC654A HP 12504 AC Switch Chassis, JC655A HP 12504 DC Switch Chassis, JF430A HP A12518 Switch Chassis, JF430B HP 12518 Switch Chassis, JF430C HP 12518 AC Switch Chassis, JF431A HP A12508 Switch Chassis, JF431B HP 12508 Switch Chassis, JF431C HP 12508 AC Switch Chassis, JC072B HP 12500 Main Processing Unit, JC808A HP 12500 TAA Main Processing Unit H3C S12508 Routing Switch (AC-1) (0235A0GE), H3C S12518 Routing Switch (AC-1) (0235A0GF), H3C S12508 Chassis (0235A0E6), H3C S12508 Chassis (0235A38N), H3C S12518 Chassis (0235A0E7), H3C S12518 Chassis (0235A38M), H3C 12508 DC Switch Chassis (0235A38L), H3C 12518 DC Switch Chassis (0235A38K) CVE-2014-9295 9500E (Comware 5) R1828P06 JC124A HP A9508 Switch Chassis, JC124B HP 9505 Switch Chassis, JC125A HP A9512 Switch Chassis, JC125B HP 9512 Switch Chassis, JC474A HP A9508-V Switch Chassis, JC474B HP 9508-V Switch Chassis H3C S9505E Routing-Switch Chassis (0235A0G6), H3C S9512E Routing-Switch Chassis (0235A0G7), H3C S9508E-V Routing-Switch Chassis (0235A38Q), H3C S9505E Chassis w/ Fans (0235A38P), H3C S9512E Chassis w/ Fans (0235A38R) CVE-2014-9295 10500 (Comware 5) R1208P10 JC611A HP 10508-V Switch Chassis, JC612A HP 10508 Switch Chassis, JC613A HP 10504 Switch Chassis, JC614A HP 10500 Main Processing Unit, JC748A HP 10512 Switch Chassis, JG375A HP 10500 TAA-compliant Main Processing Unit, JG820A HP 10504 TAA-compliant Switch Chassis, JG821A HP 10508 TAA-compliant Switch Chassis, JG822A HP 10508-V TAA-compliant Switch Chassis, JG823A HP 10512 TAA-compliant Switch Chassis CVE-2014-9295 7500 (Comware 5) R6708P10 JC666A HP 7503-S 144Gbps Fabric/MPU with PoE Upgradable 20-port Gig-T/4-port GbE Combo, JC697A HP 7502 TAA-compliant Main Processing Unit, JC698A HP 7503-S 144Gbps TAA Fabric / MPU with 16 GbE SFP Ports and 8 GbE Combo Ports, JC699A HP 7500 384Gbps TAA-compliant Fabric / MPU with 2 10GbE XFP Ports, JC700A HP 7500 384Gbps TAA-compliant Fabric / Main Processing Unit, JC701A HP 7500 768Gbps TAA-compliant Fabric / Main Processing Unit, JD193A HP 7500 384Gbps Fabric Module with 2 XFP Ports, JD193B HP 7500 384Gbps Fabric Module with 2 XFP Ports, JD194A HP 7500 384Gbps Fabric Module, JD194B HP 7500 384Gbps Fabric Module, JD195A HP 7500 384Gbps Advanced Fabric Module, JD196A HP 7502 Fabric Module, JD220A HP 7500 768Gbps Fabric Module, JD224A HP 7500 384Gbps Fabric Module with 12 SFP Ports, JD238A HP 7510 Switch Chassis, JD238B HP 7510 Switch Chassis, JD239A HP 7506 Switch Chassis, JD239B HP 7506 Switch Chassis, JD240A HP 7503 Switch Chassis, JD240B HP 7503 Switch Chassis, JD241A HP 7506-V Switch Chassis, JD241B HP 7506-V Switch Chassis, JD242A HP 7502 Switch Chassis, JD242B HP 7502 Switch Chassis, JD243A HP 7503-S Switch Chassis with 1 Fabric Slot, JD243B HP 7503-S Switch Chassis with 1 Fabric Slot, JE164A HP E7902 Switch Chassis, JE165A HP E7903 Switch Chassis, JE166A HP E7903 1 Fabric Slot Switch Chassis, JE167A HP E7906 Switch Chassis, JE168A HP E7906 Vertical Switch Chassis, JE169A HP E7910 Switch Chassis CVE-2014-9295 5830 (Comware 5) R1118P11 JC691A HP 5830AF-48G Switch with 1 Interface Slot, JC694A HP 5830AF-96G Switch, JG316A HP 5830AF-48G TAA-compliant Switch w/1 Interface Slot, JG374A HP 5830AF-96G TAA-compliant Switch CVE-2014-9295 5800 (Comware 5) R1809P03 JC099A HP 5800-24G-PoE Switch, JC099B HP 5800-24G-PoE+ Switch, JC100A HP 5800-24G Switch, JC100B HP 5800-24G Switch, JC101A HP 5800-48G Switch with 2 Slots, JC101B HP 5800-48G-PoE+ Switch with 2 Interface Slots, JC103A HP 5800-24G-SFP Switch, JC103B HP 5800-24G-SFP Switch with 1 Interface Slot, JC104A HP 5800-48G-PoE Switch, JC104B HP 5800-48G-PoE+ Switch with 1 Interface Slot, JC105A HP 5800-48G Switch, JC105B HP 5800-48G Switch with 1 Interface Slot, JG254A HP 5800-24G-PoE+ TAA-compliant Switch, JG254B HP 5800-24G-PoE+ TAA-compliant Switch, JG255A HP 5800-24G TAA-compliant Switch, JG255B HP 5800-24G TAA-compliant Switch, JG256A HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot, JG256B HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot, JG257A HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot, JG257B HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot, JG258A HP 5800-48G TAA-compliant Switch with 1 Interface Slot, JG258B HP 5800-48G TAA-compliant Switch with 1 Interface Slot, JG225A HP 5800AF-48G Switch, JG225B HP 5800AF-48G Switch, JG242A HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface Slots, JG242B HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface CVE-2014-9295 5820 (Comware 5) R1809P03 JG243A HP 5820-24XG-SFP+ TAA-compliant Switch, JG243B HP 5820-24XG-SFP+ TAA-compliant Switch, JG259A HP 5820X-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots & 1 OAA Slot, JG259B HP 5820-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots and 1 OAA Slot, JC106A HP 5820-14XG-SFP+ Switch with 2 Slots, JC106B HP 5820-14XG-SFP+ Switch with 2 Interface Slots & 1 OAA Slot, JG219A HP 5820AF-24XG Switch, JG219B HP 5820AF-24XG Switch, JC102A HP 5820-24XG-SFP+ Switch, JC102B HP 5820-24XG-SFP+ Switch CVE-2014-9295 5500 HI (Comware 5) R5501P06 JG311A HP 5500-24G-4SFP HI Switch with 2 Interface Slots, JG312A HP 5500-48G-4SFP HI Switch with 2 Interface Slots, JG541A HP 5500-24G-PoE+-4SFP HI Switch with 2 Interface Slots, JG542A HP 5500-48G-PoE+-4SFP HI Switch with 2 Interface Slots, JG543A HP 5500-24G-SFP HI Switch with 2 Interface Slots, JG679A HP 5500-24G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface Slots, JG680A HP 5500-48G-PoE+-4SFP HI TAA-compliant Switch with 2 Interface Slots, JG681A HP 5500-24G-SFP HI TAA-compliant Switch with 2 Interface Slots CVE-2014-9295 5500 EI (Comware 5) R2221P08 JD373A HP 5500-24G DC EI Switch, JD374A HP 5500-24G-SFP EI Switch, JD375A HP 5500-48G EI Switch, JD376A HP 5500-48G-PoE EI Switch, JD377A HP 5500-24G EI Switch, JD378A HP 5500-24G-PoE EI Switch, JD379A HP 5500-24G-SFP DC EI Switch, JG240A HP 5500-48G-PoE+ EI Switch with 2 Interface Slots, JG241A HP 5500-24G-PoE+ EI Switch with 2 Interface Slots, JG249A HP 5500-24G-SFP EI TAA-compliant Switch with 2 Interface, JG250A HP 5500-24G EI TAA-compliant Switch with 2 Interface Slots, JG251A HP 5500-48G EI TAA-compliant Switch with 2 Interface Slots, JG252A HP 5500-24G-PoE+ EI TAA-compliant Switch with 2 Interface Slots, JG253A HP 5500-48G-PoE+ EI TAA-compliant Switch with 2 Interface Slots CVE-2014-9295 4800G (Comware 5) R2221P08 JD007A HP 4800-24G Switch, JD008A HP 4800-24G-PoE Switch, JD009A HP 4800-24G-SFP Switch, JD010A HP 4800-48G Switch, JD011A HP 4800-48G-PoE Switch CVE-2014-9295 5500SI (Comware 5) R2221P08 JD369A HP 5500-24G SI Switch, JD370A HP 5500-48G SI Switch, JD371A HP 5500-24G-PoE SI Switch, JD372A HP 5500-48G-PoE SI Switch, JG238A HP 5500-24G-PoE+ SI Switch with 2 Interface Slots, JG239A HP 5500-48G-PoE+ SI Switch with 2 Interface Slots CVE-2014-9295 4500G (Comware 5) R2221P08 JF428A HP 4510-48G Switch, JF847A HP 4510-24G Switch CVE-2014-9295 5120 EI (Comware 5) R2221P08 JE066A HP 5120-24G EI Switch, JE067A HP 5120-48G EI Switch, JE068A HP 5120-24G EI Switch with 2 Interface Slots, JE069A HP 5120-48G EI Switch with 2 Interface Slots, JE070A HP 5120-24G-PoE EI 2-slot Switch, JE071A HP 5120-48G-PoE EI 2-slot Switch, JG236A HP 5120-24G-PoE+ EI Switch with 2 Interface Slots, JG237A HP 5120-48G-PoE+ EI Switch with 2 Interface Slots, JG245A HP 5120-24G EI TAA-compliant Switch with 2 Interface Slots, JG246A HP 5120-48G EI TAA-compliant Switch with 2 Interface Slots, JG247A HP 5120-24G-PoE+ EI TAA-compliant Switch with 2 Slots, JG248A HP 5120-48G-PoE+ EI TAA-compliant Switch with 2 Slots CVE-2014-9295 4210G (Comware 5) R2221P08 JF844A HP 4210-24G Switch, JF845A HP 4210-48G Switch, JF846A HP 4210-24G-PoE Switch CVE-2014-9295 5120 SI (Comware 5) R1513P95 JE072A HP 5120-48G SI Switch, JE073A HP 5120-16G SI Switch, JE074A HP 5120-24G SI Switch, JG091A HP 5120-24G-PoE+ (370W) SI Switch, JG092A HP 5120-24G-PoE+ (170W) SI Switch CVE-2014-9295 3610 (Comware 5) R5319P10 JD335A HP 3610-48 Switch, JD336A HP 3610-24-4G-SFP Switch, JD337A HP 3610-24-2G-2G-SFP Switch, JD338A HP 3610-24-SFP Switch CVE-2014-9295 3600V2 (Comware 5) R2110P03 JG299A HP 3600-24 v2 EI Switch, JG299B HP 3600-24 v2 EI Switch, JG300A HP 3600-48 v2 EI Switch, JG300B HP 3600-48 v2 EI Switch, JG301A HP 3600-24-PoE+ v2 EI Switch, JG301B HP 3600-24-PoE+ v2 EI Switch, JG301C HP 3600-24-PoE+ v2 EI Switch, JG302A HP 3600-48-PoE+ v2 EI Switch, JG302B HP 3600-48-PoE+ v2 EI Switch, JG302C HP 3600-48-PoE+ v2 EI Switch, JG303A HP 3600-24-SFP v2 EI Switch, JG303B HP 3600-24-SFP v2 EI Switch, JG304A HP 3600-24 v2 SI Switch, JG304B HP 3600-24 v2 SI Switch, JG305A HP 3600-48 v2 SI Switch, JG305B HP 3600-48 v2 SI Switch, JG306A HP 3600-24-PoE+ v2 SI Switch, JG306B HP 3600-24-PoE+ v2 SI Switch, JG306C HP 3600-24-PoE+ v2 SI Switch, JG307A HP 3600-48-PoE+ v2 SI Switch, JG307B HP 3600-48-PoE+ v2 SI Switch, JG307C HP 3600-48-PoE+ v2 SI Switch CVE-2014-9295 3100V2-48 (Comware 5) R2110P03 JG315A HP 3100-48 v2 Switch, JG315B HP 3100-48 v2 Switch CVE-2014-9295 3100V2 (Comware 5) R5203P11 JD313B HP 3100-24-PoE v2 EI Switch, JD318B HP 3100-8 v2 EI Switch, JD319B HP 3100-16 v2 EI Switch, JD320B HP 3100-24 v2 EI Switch, JG221A HP 3100-8 v2 SI Switch, JG222A HP 3100-16 v2 SI Switch, JG223A HP 3100-24 v2 SI Switch CVE-2014-9295 HP870 (Comware 5) R2607P35 JG723A HP 870 Unified Wired-WLAN Appliance, JG725A HP 870 Unified Wired-WLAN TAA-compliant Appliance CVE-2014-9295 HP850 (Comware 5) R2607P35 JG722A HP 850 Unified Wired-WLAN Appliance, JG724A HP 850 Unified Wired-WLAN TAA-compliant Appliance CVE-2014-9295 HP830 (Comware 5) R3507P35 JG640A HP 830 24-Port PoE+ Unified Wired-WLAN Switch, JG641A HP 830 8-port PoE+ Unified Wired-WLAN Switch, JG646A HP 830 24-Port PoE+ Unified Wired-WLAN TAA-compliant Switch, JG647A HP 830 8-Port PoE+ Unified Wired-WLAN TAA-compliant CVE-2014-9295 HP6000 (Comware 5) R2507P35 JG639A HP 10500/7500 20G Unified Wired-WLAN Module, JG645A HP 10500/7500 20G Unified Wired-WLAN TAA-compliant Module CVE-2014-9295 WX5004-EI (Comware 5) R2507P35 JD447B HP WX5002 Access Controller, JD448A HP WX5004 Access Controller, JD448B HP WX5004 Access Controller, JD469A HP WX5004 Access Controller CVE-2014-9295 SecBlade FW (Comware 5) R3181P05 JC635A HP 12500 VPN Firewall Module, JD245A HP 9500 VPN Firewall Module, JD249A HP 10500/7500 Advanced VPN Firewall Module, JD250A HP 6600 Firewall Processing Router Module, JD251A HP 8800 Firewall Processing Module, JD255A HP 5820 VPN Firewall Module CVE-2014-9295 F1000-E (Comware 5) R3181P05 JD272A HP F1000-E VPN Firewall Appliance CVE-2014-9295 F1000-A-EI (Comware 5) R3734P06 JG214A HP F1000-A-EI VPN Firewall Appliance CVE-2014-9295 F1000-S-EI (Comware 5) R3734P06 JG213A HP F1000-S-EI VPN Firewall Appliance CVE-2014-9295 F5000-A (Comware 5) F3210P23 JD259A HP A5000-A5 VPN Firewall Chassis, JG215A HP F5000 Firewall Main Processing Unit, JG216A HP F5000 Firewall Standalone Chassis CVE-2014-9295 U200S and CS (Comware 5) F5123P31 JD273A HP U200-S UTM Appliance CVE-2014-9295 U200A and M (Comware 5) F5123P31 JD275A HP U200-A UTM Appliance CVE-2014-9295 F5000-C/S (Comware 5) R3811P03 JG650A HP F5000-C VPN Firewall Appliance, JG370A HP F5000-S VPN Firewall Appliance CVE-2014-9295 SecBlade III (Comware 5) R3820P03 JG371A HP 12500 20Gbps VPN Firewall Module, JG372A HP 10500/11900/7500 20Gbps VPN Firewall Module CVE-2014-9295 MSR20 RU (Comware 5 Low Encryption SW) R2513L61 JD432A HP A-MSR20-21 Router, JD662A HP MSR20-20 Router, JD663A HP A-MSR20-21 Router, JD663B HP MSR20-21 Router, JD664A HP MSR20-40 Router, JF228A HP MSR20-40, JF283A HP MSR20-20 Router CVE-2014-9295 MSR20-1X RU (Comware 5 Low Encryption SW) R2513L61 JD431A HP MSR20-10 Router, JD667A HP A-MSR20-15 IW Multi-service Router, JD668A HP MSR20-13 Router, JD669A HP MSR20-13-W Router, JD670A HP A-MSR20-15 A Multi-service Router, JD671A HP A-MSR20-15 AW Multi-service Router, JD672A HP A-MSR20-15 I Multi-service Router, JD673A HP MSR20-11 Router, JD674A HP MSR20-12 Router, JD675A HP MSR20-12-W Router, JD676A HP MSR20-12-T Router, JF236A HP MSR20-15-I Router, JF237A HP MSR20-15-A Router, JF238A HP MSR20-15-I-W Router, JF239A HP MSR20-11 Router, JF240A HP MSR20-13 Router, JF241A HP MSR20-12 Router, JF806A HP MSR20-12-T Router, JF807A HP MSR20-12-W Router, JF808A HP MSR20-13-W Router, JF809A HP MSR20-15-A-W Router, JF817A HP MSR20-15 Router, JG209A HP MSR20-12-T-W Router, JG210A HP MSR20-13-W Router CVE-2014-9295 MSR30 RU (Comware 5 Low Encryption SW) R2513L61 JD654A HP MSR30-60 PoE Router, JD657A HP MSR30-40 Router, JD658A HP MSR30-60 Router, JD660A HP MSR30-20 PoE Router, JD661A HP MSR30-40 PoE Router, JD666A HP MSR30-20 Router, JF229A HP MSR30-40 Router, JF230A HP MSR30-60 Router, JF232A HP A-MSR30-40 (RT-MSR3040-AC-OVS-AS-H3) Multi-service Router, JF235A HP MSR30-20 DC Router, JF284A HP MSR30-20 Router, JF287A HP MSR30-40 DC Router, JF801A HP MSR30-60 DC Router, JF802A HP MSR30-20 PoE Router, JF803A HP MSR30-40 PoE Router, JF804A HP MSR30-60 PoE Router, JG728A HP MSR30-20 TAA-compliant DC Router, JG729A HP MSR30-20 TAA-compliant Router CVE-2014-9295 MSR301X RU (Comware 5 Low Encryption SW) R2513L61 JF800A HP MSR30-11 Router, JF816A HP MSR30-10 Router, JG182A HP MSR30-11E Router, JG183A HP MSR30-11F Router, JG184A HP MSR30-10 DC Router CVE-2014-9295 MSR316 RU (Comware 5 Low Encryption SW) R2513L61 JD659A HP MSR30-16 PoE Router, JD665A HP MSR30-16 Router, JF233A HP MSR30-16 Router, JF234A HP MSR30-16 PoE Router CVE-2014-9295 MSR50 RU (Comware 5 Low Encryption SW) R2513L61 JD433A HP MSR50-40 Router, JD653A HP MSR50 Processor Module, JD655A HP MSR 50-40 Router, JD656A HP MSR50-60 Router, JF231A HP MSR50-60 Router, JF285A HP MSR50-40 DC Router, JF640A HP MSR50-60 Router Chassis with DC Power Supply CVE-2014-9295 MSR50 EPU RU (Comware 5 Low Encryption SW) R2513L61 JD429A HP MSR50 G2 Processor Module, JD429B HP MSR50 G2 Processor Module, JD433A HP MSR50-40 Router, JD655A HP MSR 50-40 Router, JD656A HP MSR50-60 Router, JF231A HP MSR50-60 Router, JF285A HP MSR50-40 DC Router, JF640A HP MSR50-60 Router Chassis with DC Power Supply CVE-2014-9295 MSR1000 RU (Comware 5 Low Encryption SW) R2513L61 JG732A HP MSR1003-8 AC Router CVE-2014-9295 6600 RSE RU (Comware 5 Low Encryption SW) R3303P18 JC566A HP 6600 RSE-X1 Router Main Processing Unit, JG780A HP 6600 RSE-X1 TAA-compliant Main Processing Unit CVE-2014-9295 6600 RPE RU (Comware 5 Low Encryption SW) R3303P18 JC165A) HP 6600 RPE-X1 Router Module, JG781A) HP 6600 RPE-X1 TAA-compliant Main Processing Unit CVE-2014-9295 6602 RU (Comware 5 Low Encryption SW) R3303P18 JC176A) HP 6602 Router Chassis CVE-2014-9295 HSR6602 RU (Comware 5 Low Encryption SW) R3303P18 JC177A HP 6608 Router, JC177B HP 6608 Router Chassis, JC178A HP 6604 Router Chassis, JC178B HP 6604 Router Chassis, JC496A HP 6616 Router Chassis, JG353A HP HSR6602-G Router, JG354A HP HSR6602-XG Router, JG355A HP 6600 MCP-X1 Router Main Processing Unit, JG356A HP 6600 MCP-X2 Router Main Processing Unit, JG776A HP HSR6602-G TAA-compliant Router, JG777A HP HSR6602-XG TAA-compliant Router, JG778A HP 6600 MCP-X2 Router TAA-compliant Main Processing Unit CVE-2014-9295 HSR6800 RU (Comware 5 Low Encryption SW) R3303P18 JG361A HP HSR6802 Router Chassis, JG362A HP HSR6804 Router Chassis, JG363A HP HSR6808 Router Chassis, JG364A HP HSR6800 RSE-X2 Router Main Processing Unit, JG779A HP HSR6800 RSE-X2 Router TAA-compliant Main Processing Unit CVE-2014-9295 SMB1910 (Comware 5) R1108 JG540A HP 1910-48 Switch, JG539A HP 1910-24-PoE+ Switch, JG538A HP 1910-24 Switch, JG537A HP 1910-8 -PoE+ Switch, JG536A HP 1910-8 Switch CVE-2014-9295 SMB1920 (Comware 5) R1106 JG928A HP 1920-48G-PoE+ (370W) Switch, JG927A HP 1920-48G Switch, JG926A HP 1920-24G-PoE+ (370W) Switch, JG925A HP 1920-24G-PoE+ (180W) Switch, JG924A HP 1920-24G Switch, JG923A HP 1920-16G Switch, JG922A HP 1920-8G-PoE+ (180W) Switch, JG921A HP 1920-8G-PoE+ (65W) Switch, JG920A HP 1920-8G Switch CVE-2014-9295 V1910 (Comware 5) R1513P95 JE005A HP 1910-16G Switch, JE006A HP 1910-24G Switch, JE007A HP 1910-24G-PoE (365W) Switch, JE008A HP 1910-24G-PoE(170W) Switch, JE009A HP 1910-48G Switch, JG348A HP 1910-8G Switch, JG349A HP 1910-8G-PoE+ (65W) Switch, JG350A HP 1910-8G-PoE+ (180W) Switch CVE-2014-9295 SMB 1620 (Comware 5) R1105 JG914A HP 1620-48G Switch, JG913A HP 1620-24G Switch, JG912A HP 1620-8G Switch CVE-2014-9295 COMWARE 7 Products 12500 (Comware 7) R7328P04 JC085A HP A12518 Switch Chassis, JC086A HP A12508 Switch Chassis, JC652A HP 12508 DC Switch Chassis, JC653A HP 12518 DC Switch Chassis, JC654A HP 12504 AC Switch Chassis, JC655A HP 12504 DC Switch Chassis, JF430A HP A12518 Switch Chassis, JF430B HP 12518 Switch Chassis, JF430C HP 12518 AC Switch Chassis, JF431A HP A12508 Switch Chassis, JF431B HP 12508 Switch Chassis, JF431C HP 12508 AC Switch Chassis, JC072B HP 12500 Main Processing Unit, JG497A HP 12500 MPU w/Comware V7 OS, JG782A HP FF 12508E AC Switch Chassis, JG783A HP FF 12508E DC Switch Chassis, JG784A HP FF 12518E AC Switch Chassis, JG785A HP FF 12518E DC Switch Chassis, JG802A HP FF 12500E MPU, JG836A HP FlexFabric 12518E AC Switch TAA-compliant Chassis, JG834A HP FlexFabric 12508E AC Switch TAA-compliant Chassis, JG835A HP FlexFabric 12508E DC Switch TAA-compliant Chassis, JG837A HP FlexFabric 12518E DC Switch TAA-compliant Chassis, JG803A HP FlexFabric 12500E TAA-compliant Main Processing Unit, JG796A HP FlexFabric 12500 48-port 10GbE SFP+ FD Module, JG790A HP FlexFabric 12500 16-port 40GbE QSFP+ FD Module, JG794A HP FlexFabric 12500 40-port 10GbE SFP+ FG Module, JG792A HP FlexFabric 12500 40-port 10GbE SFP+ FD Module, JG788A HP FlexFabric 12500 4-port 100GbE CFP FG Module, JG786A HP FlexFabric 12500 4-port 100GbE CFP FD Module, JG797A HP FlexFabric 12500 48-port 10GbE SFP+ FD TAA-compliant Module, JG791A HP FlexFabric 12500 16-port 40GbE QSFP+ FD TAA-compliant Module, JG795A HP FlexFabric 12500 40-port 10GbE SFP+ FG TAA-compliant Module, JG793A HP FlexFabric 12500 40-port 10GbE SFP+ FD TAA-compliant Module, JG789A HP FlexFabric 12500 4-port 100GbE CFP FG TAA-compliant Module, JG787A HP FlexFabric 12500 4-port 100GbE CFP FD TAA-compliant Module, JG798A HP FlexFabric 12508E Fabric Module H3C S12508 Routing Switch (AC-1) (0235A0GE), H3C S12518 Routing Switch (AC-1) (0235A0GF), H3C S12508 Chassis (0235A0E6), H3C S12508 Chassis (0235A38N), H3C S12518 Chassis (0235A0E7), H3C S12518 Chassis (0235A38M), H3C 12508 DC Switch Chassis (0235A38L), H3C 12518 DC Switch Chassis (0235A38K) CVE-2014-9295 11900 (Comware 7) R7169P01 JG608A HP FF 11908-V Switch Chassis, JG609A HP FF 11900 Main Processing Unit, JG610A HP FF 11908 1.92Tbps Type D Fabric Module, JG611A HP FF 11900 32p 10GbE SFP+ SF Module, JG612A HP FF 11900 48p 10GbE SFP+ SF Module, JG613A HP FF 11900 4p 40GbE QSFP+ SF Module, JG614A HP FF 11900 8p 40GbE QSFP+ SF Module, JG615A HP FF 11900 24-p 1/10GBASE-T SF Module, JG616A HP FF 11900 2500W AC Power Supply, JG617A HP FF 11900 2400W DC Power Supply, JG618A HP FF 11908-V Spare Fan Assy, JG918A HP FF 11900 2p 100GbE CFP SE Module CVE-2014-9295 10500 (Comware 7) R7150 JC611A HP 10508-V Switch Chassis, JC612A HP 10508 Switch Chassis, JC613A HP 10504 Switch Chassis, JC748A HP 10512 Switch Chassis, JG820A HP 10504 TAA Switch Chassis, JG821A HP 10508 TAA Switch Chassis, JG822A HP 10508-V TAA Switch Chassis, JG823A HP 10512 TAA Switch Chassis, JG496A HP 10500 Type A MPU w/Comware v7 OS, JH198A HP 10500 Type D Main Processing Unit with Comware v7 Operating System, JH191A HP 10500 44-port GbE(SFP,LC)/ 4-port 10GbE SFP+ (SFP+,LC) SE Module, JH192A HP 10500 48-port Gig-TRJ45SE Module, JH193A HP 10500 16-port 10GbE SFP+ (SFP+,LC) SF Module, JH194A HP 10500 24-port 10GbE SFP+ (SFP+,LC) EC Module, JH195A HP 10500 6-port 40GbE QSFP+ EC Module, JH196A HP 10500 2-port 100GbE CFP EC Module, JH197A HP 10500 48-port 10GbE SFP+ (SFP+,LC) SG Module N/A CVE-2014-9295 12900 (Comware 7) R1112 JG619A HP FlexFabric 12910 Switch AC Chassis, JG621A HP FlexFabric 12910 Main Processing Unit, JG632A HP FlexFabric 12916 Switch AC Chassis, JG634A HP FlexFabric 12916 Main Processing Unit CVE-2014-9295 5900 (Comware 7) R2311P06 JC772A HP 5900AF-48XG-4QSFP+ Switch, JG336A HP 5900AF-48XGT-4QSFP+ Switch, JG510A HP 5900AF-48G-4XG-2QSFP+ Switch, JG554A HP 5900AF-48XG-4QSFP+ TAA Switch, JG838A HP FF 5900CP-48XG-4QSFP+ Switch, JH036A HP FlexFabric 5900CP 48XG 4QSFP+ TAA-Compliant, JH037A HP 5900AF 48XGT 4QSFP+ TAA-Compliant Switch, JH038A) HP 5900AF 48G 4XG 2QSFP+ TAA-Compliant CVE-2014-9295 5920 (Comware 7) R2311P06 JG296A HP 5920AF-24XG Switch, JG555A HP 5920AF-24XG TAA Switch CVE-2014-9295 MSR1000 (Comware 7) R0106P31 JG875A HP MSR1002-4 AC Router, JH060A HP MSR1003-8S AC Router CVE-2014-9295 MSR2000 (Comware 7) R0106P31 JG411A HP MSR2003 AC Router, JG734A HP MSR2004-24 AC Router, JG735A) HP MSR2004-48 Router, JG866A HP MSR2003 TAA-compliant AC Router CVE-2014-9295 MSR3000 (Comware 7) R0106P31 JG404A HP MSR3064 Router, JG405A HP MSR3044 Router, JG406A HP MSR3024 AC Router, JG407A HP MSR3024 DC Router, JG408A HP MSR3024 PoE Router, JG409A HP MSR3012 AC Router, JG410A HP MSR3012 DC Router, JG861A HP MSR3024 TAA-compliant AC Router CVE-2014-9295 MSR4000 (Comware 7) R0106P31 JG402A HP MSR4080 Router Chassis, JG403A HP MSR4060 Router Chassis, JG412A HP MSR4000 MPU-100 Main Processing Unit, JG869A HP MSR4000 TAA-compliant MPU-100 Main Processing Unit CVE-2014-9295 5800 (Comware 7) R7006P12 JC099A HP 5800-24G-PoE Switch, JC099B HP 5800-24G-PoE+ Switch, JC100A HP 5800-24G Switch, JC100B HP 5800-24G Switch, JC101A HP 5800-48G Switch with 2 Slots, JC101B HP 5800-48G-PoE+ Switch with 2 Interface Slots, JC103A HP 5800-24G-SFP Switch, JC103B HP 5800-24G-SFP Switch with 1 Interface Slot, JC104A HP 5800-48G-PoE Switch, JC104B HP 5800-48G-PoE+ Switch with 1 Interface Slot, JC105A HP 5800-48G Switch, JC105B HP 5800-48G Switch with 1 Interface Slot, JG254A HP 5800-24G-PoE+ TAA-compliant Switch, JG254B HP 5800-24G-PoE+ TAA-compliant Switch, JG255A HP 5800-24G TAA-compliant Switch, JG255B HP 5800-24G TAA-compliant Switch, JG256A HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot, JG256B HP 5800-24G-SFP TAA-compliant Switch with 1 Interface Slot, JG257A HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot, JG257B HP 5800-48G-PoE+ TAA-compliant Switch with 1 Interface Slot, JG258A HP 5800-48G TAA-compliant Switch with 1 Interface Slot, JG258B HP 5800-48G TAA-compliant Switch with 1 Interface Slot, JG225A HP 5800AF-48G Switch, JG225B HP 5800AF-48G Switch, JG242A HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface Slots, JG242B HP 5800-48G-PoE+ TAA-compliant Switch with 2 Interface Slots, JG243A HP 5820-24XG-SFP+ TAA-compliant Switch, JG243B HP 5820-24XG-SFP+ TAA-compliant Switch, JG259A HP 5820X-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots & 1 OAA Slot, JG259B HP 5820-14XG-SFP+ TAA-compliant Switch with 2 Interface Slots and 1 OAA Slot, JC106A HP 5820-14XG-SFP+ Switch with 2 Slots, JC106B HP 5820-14XG-SFP+ Switch with 2 Interface Slots & 1 OAA Slot, JG219A HP 5820AF-24XG Switch, JG219B HP 5820AF-24XG Switch, JC102A HP 5820-24XG-SFP+ Switch, JC102B HP 5820-24XG-SFP+ Switch CVE-2014-9295 VSR (Comware 7) R0204P01 JG810AAE HP VSR1001 Virtual Services Router 60 Day Evaluation Software, JG811AAE HP VSR1001 Comware 7 Virtual Services Router, JG812AAE HP VSR1004 Comware 7 Virtual Services Router, JG813AAE HP VSR1008 Comware 7 Virtual Services Router CVE-2014-9295 7900 (Comware 7) R2122 JG682A HP FlexFabric 7904 Switch Chassis, JG841A HP FlexFabric 7910 Switch Chassis, JG842A HP FlexFabric 7910 7.2Tbps Fabric / Main Processing Unit, JH001A HP FlexFabric 7910 2.4Tbps Fabric / Main Processing Unit CVE-2014-9295 5130 (Comware 7) R3108P03 JG932A HP 5130-24G-4SFP+ EI Switch, JG933A HP 5130-24G-SFP-4SFP+ EI Switch, JG934A HP 5130-48G-4SFP+ EI Switch, JG936A HP 5130-24G-PoE+-4SFP+ (370W) EI Switch, JG937A HP 5130-48G-PoE+-4SFP+ (370W) EI Switch, JG975A HP 5130-24G-4SFP+ EI Brazil Switch, JG976A HP 5130-48G-4SFP+ EI Brazil Switch, JG977A HP 5130-24G-PoE+-4SFP+ (370W) EI Brazil Switch, JG978A HP 5130-48G-PoE+-4SFP+ (370W) EI Brazil Switch CVE-2014-9295 5700 (Comware 7) R2311P06 JG894A HP FlexFabric 5700-48G-4XG-2QSFP+ Switch, JG895A HP FlexFabric 5700-48G-4XG-2QSFP+ TAA-compliant Switch, JG896A HP FlexFabric 5700-40XG-2QSFP+ Switch, JG897A HP FlexFabric 5700-40XG-2QSFP+ TAA-compliant Switch, JG898A HP FlexFabric 5700-32XGT-8XG-2QSFP+ Switch, JG899A HP FlexFabric 5700-32XGT-8XG-2QSFP+ TAA-compliant Switch CVE-2014-9295 VCX 9.8.17 J9672A HP VCX V7205 Platform w/ DL360 G7 Srvr, J9668A HP VCX IPC V7005 Pltfrm w/ DL120 G6 Srvr, JC517A HP VCX V7205 Platform w/DL 360 G6 Server, JE355A HP VCX V6000 Branch Platform 9.0, JC516A HP VCX V7005 Platform w/DL 120 G6 Server, JC518A HP VCX Connect 200 Primry 120 G6 Server, J9669A HP VCX IPC V7310 Pltfrm w/ DL360 G7 Srvr, JE341A HP VCX Connect 100 Secondary, JE252A HP VCX Connect Primary MIM Module, JE253A HP VCX Connect Secondary MIM Module, JE254A HP VCX Branch MIM Module, JE355A HP VCX V6000 Branch Platform 9.0, JD028A HP MS30-40 RTR w/VCX + T1/FXO/FXS/Mod, JD023A HP MSR30-40 Router with VCX MIM Module, JD024A HP MSR30-16 RTR w/VCX Ent Br Com MIM, JD025A HP MSR30-16 RTR w/VCX + 4FXO/2FXS Mod, JD026A HP MSR30-16 RTR w/VCX + 8FXO/4FXS Mod, JD027A HP MSR30-16 RTR w/VCX + 8BRI/4FXS Mod, JD029A HP MSR30-16 RTR w/VCX + E1/4BRI/4FXS, JE340A HP VCX Connect 100 Pri Server 9.0, JE342A HP VCX Connect 100 Sec Server 9.0 CVE -2014-9293 CVE-2014-9294 CVE-2014-9295 HISTORY Version:1 (rev.1) - 9 December 2015 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com. Report: To report a potential security vulnerability with any HPE supported product, send Email to: security-alert@hpe.com Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX Copyright 2015 Hewlett Packard Enterprise Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. 6.5) - i386, noarch, ppc64, s390x, x86_64 3. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: ntp security update Advisory ID: RHSA-2014:2024-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2014-2024.html Issue date: 2014-12-20 CVE Names: CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 ===================================================================== 1. Summary: Updated ntp packages that fix several security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. Multiple buffer overflow flaws were discovered in ntpd's crypto_recv(), ctl_putdata(), and configure() functions. A remote attacker could use either of these flaws to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the ntp user. Note: the crypto_recv() flaw requires non-default configurations to be active, while the ctl_putdata() flaw, by default, can only be exploited via local attackers, and the configure() flaw requires additional authentication to exploit. (CVE-2014-9293) It was found that ntp-keygen used a weak method for generating MD5 keys. Note: it is recommended to regenerate any MD5 keys that had explicitly been generated with ntp-keygen; the default installation does not contain such keys). (CVE-2014-9294) A missing return statement in the receive() function could potentially allow a remote attacker to bypass NTP's authentication mechanism. (CVE-2014-9296) All ntp users are advised to upgrade to this updated package, which contains backported patches to resolve these issues. After installing the update, the ntpd daemon will restart automatically. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1176032 - CVE-2014-9293 ntp: automatic generation of weak default key in config_auth() 1176035 - CVE-2014-9294 ntp: ntp-keygen uses weak random number generator and seed when generating MD5 keys 1176037 - CVE-2014-9295 ntp: Multiple buffer overflows via specially-crafted packets 1176040 - CVE-2014-9296 ntp: receive() missing return on error 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ntp-4.2.6p5-2.el6_6.src.rpm i386: ntp-4.2.6p5-2.el6_6.i686.rpm ntp-debuginfo-4.2.6p5-2.el6_6.i686.rpm ntpdate-4.2.6p5-2.el6_6.i686.rpm x86_64: ntp-4.2.6p5-2.el6_6.x86_64.rpm ntp-debuginfo-4.2.6p5-2.el6_6.x86_64.rpm ntpdate-4.2.6p5-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: ntp-debuginfo-4.2.6p5-2.el6_6.i686.rpm ntp-perl-4.2.6p5-2.el6_6.i686.rpm noarch: ntp-doc-4.2.6p5-2.el6_6.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-2.el6_6.x86_64.rpm ntp-perl-4.2.6p5-2.el6_6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ntp-4.2.6p5-2.el6_6.src.rpm x86_64: ntp-4.2.6p5-2.el6_6.x86_64.rpm ntp-debuginfo-4.2.6p5-2.el6_6.x86_64.rpm ntpdate-4.2.6p5-2.el6_6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): noarch: ntp-doc-4.2.6p5-2.el6_6.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-2.el6_6.x86_64.rpm ntp-perl-4.2.6p5-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ntp-4.2.6p5-2.el6_6.src.rpm i386: ntp-4.2.6p5-2.el6_6.i686.rpm ntp-debuginfo-4.2.6p5-2.el6_6.i686.rpm ntpdate-4.2.6p5-2.el6_6.i686.rpm ppc64: ntp-4.2.6p5-2.el6_6.ppc64.rpm ntp-debuginfo-4.2.6p5-2.el6_6.ppc64.rpm ntpdate-4.2.6p5-2.el6_6.ppc64.rpm s390x: ntp-4.2.6p5-2.el6_6.s390x.rpm ntp-debuginfo-4.2.6p5-2.el6_6.s390x.rpm ntpdate-4.2.6p5-2.el6_6.s390x.rpm x86_64: ntp-4.2.6p5-2.el6_6.x86_64.rpm ntp-debuginfo-4.2.6p5-2.el6_6.x86_64.rpm ntpdate-4.2.6p5-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: ntp-debuginfo-4.2.6p5-2.el6_6.i686.rpm ntp-perl-4.2.6p5-2.el6_6.i686.rpm noarch: ntp-doc-4.2.6p5-2.el6_6.noarch.rpm ppc64: ntp-debuginfo-4.2.6p5-2.el6_6.ppc64.rpm ntp-perl-4.2.6p5-2.el6_6.ppc64.rpm s390x: ntp-debuginfo-4.2.6p5-2.el6_6.s390x.rpm ntp-perl-4.2.6p5-2.el6_6.s390x.rpm x86_64: ntp-debuginfo-4.2.6p5-2.el6_6.x86_64.rpm ntp-perl-4.2.6p5-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ntp-4.2.6p5-2.el6_6.src.rpm i386: ntp-4.2.6p5-2.el6_6.i686.rpm ntp-debuginfo-4.2.6p5-2.el6_6.i686.rpm ntpdate-4.2.6p5-2.el6_6.i686.rpm x86_64: ntp-4.2.6p5-2.el6_6.x86_64.rpm ntp-debuginfo-4.2.6p5-2.el6_6.x86_64.rpm ntpdate-4.2.6p5-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: ntp-debuginfo-4.2.6p5-2.el6_6.i686.rpm ntp-perl-4.2.6p5-2.el6_6.i686.rpm noarch: ntp-doc-4.2.6p5-2.el6_6.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-2.el6_6.x86_64.rpm ntp-perl-4.2.6p5-2.el6_6.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: ntp-4.2.6p5-19.el7_0.src.rpm x86_64: ntp-4.2.6p5-19.el7_0.x86_64.rpm ntp-debuginfo-4.2.6p5-19.el7_0.x86_64.rpm ntpdate-4.2.6p5-19.el7_0.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: ntp-doc-4.2.6p5-19.el7_0.noarch.rpm ntp-perl-4.2.6p5-19.el7_0.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-19.el7_0.x86_64.rpm sntp-4.2.6p5-19.el7_0.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: ntp-4.2.6p5-19.el7_0.src.rpm x86_64: ntp-4.2.6p5-19.el7_0.x86_64.rpm ntp-debuginfo-4.2.6p5-19.el7_0.x86_64.rpm ntpdate-4.2.6p5-19.el7_0.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: ntp-doc-4.2.6p5-19.el7_0.noarch.rpm ntp-perl-4.2.6p5-19.el7_0.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-19.el7_0.x86_64.rpm sntp-4.2.6p5-19.el7_0.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: ntp-4.2.6p5-19.el7_0.src.rpm ppc64: ntp-4.2.6p5-19.el7_0.ppc64.rpm ntp-debuginfo-4.2.6p5-19.el7_0.ppc64.rpm ntpdate-4.2.6p5-19.el7_0.ppc64.rpm s390x: ntp-4.2.6p5-19.el7_0.s390x.rpm ntp-debuginfo-4.2.6p5-19.el7_0.s390x.rpm ntpdate-4.2.6p5-19.el7_0.s390x.rpm x86_64: ntp-4.2.6p5-19.el7_0.x86_64.rpm ntp-debuginfo-4.2.6p5-19.el7_0.x86_64.rpm ntpdate-4.2.6p5-19.el7_0.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): noarch: ntp-doc-4.2.6p5-19.el7_0.noarch.rpm ntp-perl-4.2.6p5-19.el7_0.noarch.rpm ppc64: ntp-debuginfo-4.2.6p5-19.el7_0.ppc64.rpm sntp-4.2.6p5-19.el7_0.ppc64.rpm s390x: ntp-debuginfo-4.2.6p5-19.el7_0.s390x.rpm sntp-4.2.6p5-19.el7_0.s390x.rpm x86_64: ntp-debuginfo-4.2.6p5-19.el7_0.x86_64.rpm sntp-4.2.6p5-19.el7_0.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: ntp-4.2.6p5-19.el7_0.src.rpm x86_64: ntp-4.2.6p5-19.el7_0.x86_64.rpm ntp-debuginfo-4.2.6p5-19.el7_0.x86_64.rpm ntpdate-4.2.6p5-19.el7_0.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: ntp-doc-4.2.6p5-19.el7_0.noarch.rpm ntp-perl-4.2.6p5-19.el7_0.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-19.el7_0.x86_64.rpm sntp-4.2.6p5-19.el7_0.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2014-9293 https://access.redhat.com/security/cve/CVE-2014-9294 https://access.redhat.com/security/cve/CVE-2014-9295 https://access.redhat.com/security/cve/CVE-2014-9296 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2014 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFUlOKcXlSAg2UNWIIRAvBoAKCfw+j4ua5JaIRMc5eKkny9G1yWlgCgufNc EvBImTd+Vq7//UExow1FP4U= =m/Eb -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-004: EMC M&R (Watch4Net) Multiple Vulnerabilities EMC Identifier: ESA-2015-004 CVE Identifier: CVE-2015-0513, CVE-2015-0514, CVE-2015-0515, CVE-2015-0516, CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6466, CVE-2014-6468, CVE-2014-6476, CVE-2014-6485, CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6504, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6513, CVE-2014-6515, CVE-2014-6517, CVE-2014-6519, CVE-2014-6527, CVE-2014-6531, CVE-2014-6532, CVE-2014-6558, CVE-2014-6562, CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296, CVE-2014-3618 Severity Rating: CVSS v2 Base Score: View details below for individual CVSS score for each CVE Affected products: \x95 EMC M&R (Watch4Net) versions prior 6.5u1 \x95 EMC ViPR SRM versions prior to 3.6.1 Summary: EMC M&R (Watch4Net) is vulnerable to multiple security vulnerabilities that could be potentially exploited by malicious users to compromise the affected system. EMC ViPR SRM is built on EMC M&R platform and is also affected by these vulnerabilities. Details: The vulnerabilities include: \x95 Multiple Oracle Java Runtime Environment (JRE) Vulnerabilities CVE Identifiers: CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6466, CVE-2014-6468, CVE-2014-6476, CVE-2014-6485, CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6504, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6513, CVE-2014-6515, CVE-2014-6517, CVE-2014-6519, CVE-2014-6527, CVE-2014-6531, CVE-2014-6532, CVE-2014-6558, CVE-2014-6562. Oracle JRE contains multiple security vulnerabilities. Oracle JRE has been upgraded to 8.0u25 to address these vulnerabilities. See vendor advisory (http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA) for more details. CVSS v2 Base Score: Please refer to http://nvd.nist.gov/ for the individual CVSS scores for each CVE listed above. \x95 Multiple Cross-Site Scripting Vulnerabilities CVE Identifier: CVE-2015-0513 Several user-supplied fields in the administrative user interface may be potentially exploited by an authenticated privileged malicious user to conduct cross-site-scripting attacks on other authenticated users of the system. CVSS v2 Base Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P) \x95 Insecure Cryptographic Storage Vulnerability CVE Identifier: CVE-2015-0514 A malicious non-ViPR SRM user with access to an installation of ViPR SRM and knowledge of internal encryption methods could potentially decrypt credentials used for data center discovery. CVSS v2 Base Score: 5.7 (AV:A/AC:M/Au:N/C:C/I:N/A:N) \x95 Unrestricted File Upload Vulnerability CVE Identifier: CVE-2015-0515 This vulnerability may potentially be exploited by an authenticated, privileged malicious user to upload arbitrary files into the file system via the web interface. CVSS v2 Base Score: 6 (AV:N/AC:M/Au:S/C:P/I:P/A:P) \x95 Path Traversal Vulnerability CVE Identifier: CVE-2015-0516 This vulnerability may potentially be exploited by an authenticated, privileged malicious user to download arbitrary files from the file system via the web interface by manipulating the directory structure in the URL. CVSS v2 Base Score: 6.8 (AV:N/AC:L/Au:S/C:C/I:N/A:N) \x95 SUSE Procmail Heap Overflow Vulnerability CVE Identifier: CVE-2014-3618 Procmail was updated to fix a heap-overflow in procmail's formail utility when processing specially-crafted email headers. CVSS v2 Base Score: Please refer to http://nvd.nist.gov/ for the CVSS score. \x95 NTP Multiple Vulnerabilities CVE Identifier: CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 NTP was updated to fix multiple vulnerabilities. See vendor advisory http://support.ntp.org/bin/view/Main/SecurityNotice for more details. CVSS v2 Base Score: Please refer to http://nvd.nist.gov/ for the CVSS scores. Resolution: The following version contains the resolution to these issues: \x95 EMC M&R (Watch4Net) 6.5u1 and later \x95 EMC ViPR SRM 3.6.1 and later EMC strongly recommends all customers upgrade at the earliest opportunity. In addition, customers are recommended to review the Security Configuration Guide distributed with the product for specific instructions on secure configurations of the system. Link to remedies: Registered customers can download upgraded software from support.emc.com at https://support.emc.com/downloads/34247_ViPR-SRM Credits: EMC would like to thank Han Sahin of Securify B.V. (han.sahin@securify.nl) for reporting CVE-2015-0513 and CVE-2015-0514. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201412-34 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: NTP: Multiple vulnerabilities Date: December 24, 2014 Bugs: #533076 ID: 201412-34 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in NTP, the worst of which could result in remote execution of arbitrary code. The net-misc/ntp package contains the official reference implementation by the NTP Project. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/ntp < 4.2.8 >= 4.2.8 Description =========== Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details. Resolution ========== All NTP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/ntp-4.2.8" References ========== [ 1 ] CVE-2014-9293 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9293 [ 2 ] CVE-2014-9294 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9294 [ 3 ] CVE-2014-9295 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9295 [ 4 ] CVE-2014-9296 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-9296 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201412-34.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5

AFFECTED PRODUCTS