[ntp:security] Talos Security Advisory for NTP (TALOS-CAN-0130, 0131)

Regina Wilson (regiwils) regiwils at cisco.com
Mon Nov 21 14:40:03 UTC 2016


Hello Harlan,

Please disregard below.  Upon further review, it appears the following issues are covered and identified as follows:

TALOS-CAN-0130/ CVE-2016-7428
TALOS-CAN-0131/ CVE-2016-7427
TALOS-2016-0203/ CVE-2016-9310
TALOS-2016-0304/ CVE-2016-9311

Please confirm.

Kind Regards,

Regina Wilson
Engineer. Research
regiwils at cisco.com<mailto:regiwils at cisco.com>




[cid:CFA14CB5-B7B2-4FF7-8313-22D495F607D5 at vrt.sourcefire.com]

On Nov 21, 2016, at 9:10 AM, Regina Wilson <regiwils at cisco.com<mailto:regiwils at cisco.com>> wrote:

Hello Harlan,

Will the issues identified as TALOS-CAN-0130 and TALOS-CAN-0131 be included in today’s release along with (TALOS-2016-0203, TALOS-2016-0204)?

Regina Wilson
Engineer. Research
regiwils at cisco.com<mailto:regiwils at cisco.com>




<image001.png>

On Sep 12, 2016, at 3:10 PM, Regina Wilson -T (regiwils - ETTAIN GROUP INC at Cisco) <regiwils at cisco.com<mailto:regiwils at cisco.com>> wrote:

Hello Harlan,

The Cisco Talos team has found a security vulnerability impacting NTP customers. As this is a sensitive security issue, the attached files are encrypted with your PGP key for your review.
<NTP Vulnerability Reports.0130.0131.zip.gpg>

For further information about the Cisco Vendor Vulnerability Reporting and Disclosure Policy please refer to this document which also links to our public PGP key. http://www.cisco.com/web/about/security/psirt/vendor_vulnerability_policy.html


Please CC vulndev at cisco.com<mailto:vulndev at cisco.com> on all correspondence related to this issue.




Regina Wilson
Project Coordinator
regiwils at cisco.com<mailto:regiwils at cisco.com>


<talos_sig[4].png>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntp.org/private/security/attachments/20161121/759e0e5a/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 8573 bytes
Desc: image001.png
URL: <http://lists.ntp.org/private/security/attachments/20161121/759e0e5a/attachment-0001.png>


More information about the security mailing list