PSIRT Advisory

ntp Security Vulnerability Announcement April 2016

Summary

ntp released an announcement on 26th April 2016, describing 4 low and 7 medium severity vulnerabilities, as listed below:

  • CVE-2016-1551
  • CVE-2016-1549
  • CVE-2016-2516
  • CVE-2016-2517
  • CVE-2016-2518
  • CVE-2016-2519
  • CVE-2016-1547
  • CVE-2016-1548
  • CVE-2015-7704
  • CVE-2015-8138
  • CVE-2015-1550

Impact

Information disclosure

Affected Products

FortiOS versions 5.4.1, 5.4.0, 5.2.8 and below are vulnerable to only CVE-2016-1550.

Solutions

Upgrade to FortiOS version

  • 5.2.9 or above
  • 5.4.2 or above
  • or 5.6.0