Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1314
Views
9
Helpful
2
Replies

Get server code 406 for advisory cisco-sa-20161123-ntpd

Go to solution
Infosim
Level 1
Level 1

‎11-28-2016 03:59 AM

Hi,

the latest newsletter contained the advisory cisco-sa-20161123-ntpd. I tried to fetch it with the REST API call /advisories/cvrf/advisory/<advisory-id> but the server returns a 406 error code.

1 Accepted Solution

Accepted Solutions

Go to solution
Omar Santos
Cisco Employee
Cisco Employee

‎11-30-2016 12:37 PM

Hi Stefan,

The issue has been fixed. You should now be able to pull the information about that advisory:

{

    "advisoryId": "cisco-sa-20161123-ntpd",

    "advisoryTitle": "Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: November 2016",

    "bugIDs": [

        "NA"

    ],

    "cves": [

        "CVE-2015-8138",

        "CVE-2016-7426",

        "CVE-2016-7427",

        "CVE-2016-7428",

        "CVE-2016-7429",

        "CVE-2016-7431",

        "CVE-2016-7433",

        "CVE-2016-7434",

        "CVE-2016-9310",

        "CVE-2016-9311",

        "CVE-2016-9312"

    ],

    "cvrfUrl": "https://tools.cisco.com/security/center/contentxml/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd/cvrf/cisco-sa-20161123-ntpd_cvrf.xml",

    "cvssBaseScore": "NA",

    "cwe": [

        "CWE-119",

        "CWE-20",

        "CWE-399"

    ],

    "firstPublished": "2016-11-23T16:00:00-0600",

    "lastUpdated": "2016-11-28T14:53:04-0600",

    "productNames": [

        "NA"

    ],

    "publicationUrl": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd",

    "sir": "Medium",

    "summary": "Multiple Cisco products incorporate a version of the Network Time Protocol daemon (ntpd) package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (NTP) server.\n<br />\n<br />\nOn November 21, 2016, the NTP Consortium of the Network Time Foundation released a security notice that details ten issues regarding DoS vulnerabilities and logic issues that may allow an attacker to shift a system's time.\n<br />\n<br />\nThe new vulnerabilities disclosed in this document are as follows:<br />\n<ul>\n    <li>Network Time Protocol Trap Service Denial of Service Vulnerability</li>\n    <li>Network Time Protocol Broadcast Mode Denial of Service Vulnerability</li>\n    <li>Network Time Protocol Broadcast Mode Denial of Service Vulnerability</li>\n    <li>Network Time Protocol Insufficient Resource Pool Denial of Service Vulnerability</li>\n    <li>Network Time Protocol Configuration Modification Denial of Service Vulnerability</li>\n    <li>Network Time Protocol mrulist Query Requests Denial of Service Vulnerability</li>\n    <li>Network Time Protocol Multiple Binds to the Same Port Vulnerability</li>\n    <li>Network Time Protocol Rate Limiting Denial of Service Vulnerability</li>\n</ul>\n<div>As well as:<br />\n<ul>\n    <li>Regression of CVE-2015-8138</li>\n    <li>Network Time Protocol Reboot sync calculation problem</li>\n</ul>\n</div>\nAdditional details about each vulnerability are in the <a href=\"http://support.ntp.org/bin/view/Main/SecurityNotice#November_2016_ntp_4_2_8p9_NTP_Se\">NTP Consortium Security Notice</a>.<br />\n<br />\nWorkarounds that address one or more of these vulnerabilities may be available and will be documented in the Cisco bug for each affected product.\n<br />\n<br />\nThis advisory is available at the following link:<br />\n<a href=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd\">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd</a>"

}

View solution in original post

2 Replies 2

Go to solution
Omar Santos
Cisco Employee
Cisco Employee

‎11-30-2016 11:14 AM

HI Stefan,

Thank you for bringing this into our attention. I have the development team looking at this now. It appears to be only for that advisory, but Cisco is investigating now.

Thanks again!

Omar

Go to solution
Omar Santos
Cisco Employee
Cisco Employee

‎11-30-2016 12:37 PM

Hi Stefan,

The issue has been fixed. You should now be able to pull the information about that advisory:

{

    "advisoryId": "cisco-sa-20161123-ntpd",

    "advisoryTitle": "Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: November 2016",

    "bugIDs": [

        "NA"

    ],

    "cves": [

        "CVE-2015-8138",

        "CVE-2016-7426",

        "CVE-2016-7427",

        "CVE-2016-7428",

        "CVE-2016-7429",

        "CVE-2016-7431",

        "CVE-2016-7433",

        "CVE-2016-7434",

        "CVE-2016-9310",

        "CVE-2016-9311",

        "CVE-2016-9312"

    ],

    "cvrfUrl": "https://tools.cisco.com/security/center/contentxml/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd/cvrf/cisco-sa-20161123-ntpd_cvrf.xml",

    "cvssBaseScore": "NA",

    "cwe": [

        "CWE-119",

        "CWE-20",

        "CWE-399"

    ],

    "firstPublished": "2016-11-23T16:00:00-0600",

    "lastUpdated": "2016-11-28T14:53:04-0600",

    "productNames": [

        "NA"

    ],

    "publicationUrl": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd",

    "sir": "Medium",

    "summary": "Multiple Cisco products incorporate a version of the Network Time Protocol daemon (ntpd) package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (NTP) server.\n<br />\n<br />\nOn November 21, 2016, the NTP Consortium of the Network Time Foundation released a security notice that details ten issues regarding DoS vulnerabilities and logic issues that may allow an attacker to shift a system's time.\n<br />\n<br />\nThe new vulnerabilities disclosed in this document are as follows:<br />\n<ul>\n    <li>Network Time Protocol Trap Service Denial of Service Vulnerability</li>\n    <li>Network Time Protocol Broadcast Mode Denial of Service Vulnerability</li>\n    <li>Network Time Protocol Broadcast Mode Denial of Service Vulnerability</li>\n    <li>Network Time Protocol Insufficient Resource Pool Denial of Service Vulnerability</li>\n    <li>Network Time Protocol Configuration Modification Denial of Service Vulnerability</li>\n    <li>Network Time Protocol mrulist Query Requests Denial of Service Vulnerability</li>\n    <li>Network Time Protocol Multiple Binds to the Same Port Vulnerability</li>\n    <li>Network Time Protocol Rate Limiting Denial of Service Vulnerability</li>\n</ul>\n<div>As well as:<br />\n<ul>\n    <li>Regression of CVE-2015-8138</li>\n    <li>Network Time Protocol Reboot sync calculation problem</li>\n</ul>\n</div>\nAdditional details about each vulnerability are in the <a href=\"http://support.ntp.org/bin/view/Main/SecurityNotice#November_2016_ntp_4_2_8p9_NTP_Se\">NTP Consortium Security Notice</a>.<br />\n<br />\nWorkarounds that address one or more of these vulnerabilities may be available and will be documented in the Cisco bug for each affected product.\n<br />\n<br />\nThis advisory is available at the following link:<br />\n<a href=\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd\">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd</a>"

}

Customers Also Viewed These Support Documents