[ntp:security] Talos Security Advisory for NTP (TALOS-2016-0203, TALOS-2016-0204)

Regina Wilson -T (regiwils - ETTAIN GROUP INC at Cisco) regiwils at cisco.com
Fri Sep 23 17:47:07 UTC 2016


Hello Harlan,

Please confirm receipt of the encrypted reports below which include advisory and trigger inputs.


Regina Wilson
Project Coordinator
regiwils at cisco.com <mailto:regiwils at cisco.com>





> On Sep 23, 2016, at 8:08 AM, Regina Wilson -T (regiwils - ETTAIN GROUP INC at Cisco) <regiwils at cisco.com> wrote:
> 
> Hello Harlan,
> 
> I’ve checked with our research team and confirmed there are no other bugs in progress as of now.
> 
> Kind Regards,
> Regina Wilson
> Project Coordinator
> regiwils at cisco.com <mailto:regiwils at cisco.com>
> 
> 
> 
> <image001.png>
> 
>> On Sep 20, 2016, at 6:05 PM, Harlan Stenn <stenn at nwtime.org <mailto:stenn at nwtime.org>> wrote:
>> 
>> Regina and Matt,
>> 
>> Do you have anything else in-progress?
>> 
>> It can really mess up our delivery schedules when we only hear about
>> these things when you have them in "finished form".
>> 
>> Thanks!
>> 
>> H
>> 
>> On 9/20/16 9:30 AM, Regina Wilson -T (regiwils - ETTAIN GROUP INC at
>> Cisco) wrote:
>>> Hello Danny,
>>> 
>>> The Cisco Talos team has found a security vulnerability impacting NTP customers.
>>> Please review the attached file encrypted with your PGP for the following issues:
>>> 
>>> TALOS-2016-0203
>>> TALOS-2016-0204
>>> 
>>> 
>>> 
>>> For further information about the Cisco Vendor Vulnerability Reporting and
>>> Disclosure Policy please refer to this document which also links to our public
>>> PGP key.
>>> http://www.cisco.com/web/about/security/psirt/vendor_vulnerability_policy.html <http://www.cisco.com/web/about/security/psirt/vendor_vulnerability_policy.html>
>>> 
>>> 
>>> Please CC vulndev at cisco.com <mailto:vulndev at cisco.com> on all correspondence
>>> related to this issue.
>>> 
>>> *Regina Wilson*
>>> Project Coordinator
>>> regiwils at cisco.com <mailto:regiwils at cisco.com>
>>> 
>>> 
>>> 
>>> 
>>> 
>> 
>> --
>> Harlan Stenn <stenn at nwtime.org <mailto:stenn at nwtime.org>>
>> http://networktimefoundation.org <http://networktimefoundation.org/> - be a member!
>> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntp.org/private/security/attachments/20160923/91bb317d/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: NTP Vulnerability Reports 0203.0204.zip 2.gpg
Type: application/octet-stream
Size: 165504 bytes
Desc: not available
URL: <http://lists.ntp.org/private/security/attachments/20160923/91bb317d/attachment-0001.obj>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntp.org/private/security/attachments/20160923/91bb317d/attachment-0004.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 8573 bytes
Desc: not available
URL: <http://lists.ntp.org/private/security/attachments/20160923/91bb317d/attachment-0001.png>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ntp.org/private/security/attachments/20160923/91bb317d/attachment-0005.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.ntp.org/private/security/attachments/20160923/91bb317d/attachment-0001.sig>


More information about the security mailing list