SOL06288381 - NTP vulnerabilities CVE-2015-7977 and CVE-2015-7978

2016-02-22T00:00:00
ID SOL06288381
Type f5
Reporter f5
Modified 2016-11-28T00:00:00

Description

Vulnerability Recommended Actions

If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.

To mitigate this vulnerability for affected BIG-IP, BIG-IQ, and Enterprise Manager systems, ensure that there are no more than 500 'restrict' directives in the /config/ntp.conf configuration file.

Supplemental Information

  • SOL9970: Subscribing to email notifications regarding F5 products
  • SOL9957: Creating a custom RSS feed to view new and updated documents
  • SOL4602: Overview of the F5 security vulnerability response policy
  • SOL4918: Overview of the F5 critical issue hotfix policy
  • SOL167: Downloading software and firmware from F5
  • SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)
  • SOL10025: Managing BIG-IP product hotfixes (10.x)
  • SOL9502: BIG-IP hotfix matrix
  • SOL15106: Managing BIG-IQ product hotfixes
  • SOL15113: BIG-IQ hotfix matrix
  • SOL12766: ARX hotfix matrix