cnvd-2015-02262
Vulnerability from cnvd
Title
Synology DiskStation Manager Multicast DNS (mDNS) responder拒绝服务漏洞
Description
Synology DiskStation Manager是第一个提供网络多任务处理用户接口的NAS操作系统。 Synology DiskStation Manager Multicast DNS (mDNS) responder存在安全漏洞,允许远程攻击者利用漏洞通过5353 UDP端口获取敏感信息或进行拒绝服务攻击。
Severity
Patch Name
Synology DiskStation Manager Multicast DNS (mDNS) responder拒绝服务漏洞的补丁
Patch Description
Synology DiskStation Manager是第一个提供网络多任务处理用户接口的NAS操作系统。Synology DiskStation Manager Multicast DNS (mDNS) responder存在安全漏洞,允许远程攻击者利用漏洞通过5353 UDP端口获取敏感信息或进行拒绝服务攻击。目前,厂商已经发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description

Synology DiskStation Manager (DSM) 3.1修复该漏洞,建议用户下载更新: http://www.synology.com/dsm/index.php

Reference
http://www.kb.cert.org/vuls/id/550620
Impacted products
Name
Synology DiskStation Manager <=3.0
Show details on source website

To clipboard 

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-2809"
    }
  },
  "description": "Synology DiskStation Manager\u662f\u7b2c\u4e00\u4e2a\u63d0\u4f9b\u7f51\u7edc\u591a\u4efb\u52a1\u5904\u7406\u7528\u6237\u63a5\u53e3\u7684NAS\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nSynology DiskStation Manager Multicast DNS (mDNS) responder\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u901a\u8fc75353 UDP\u7aef\u53e3\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u6216\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
  "discovererName": "Chad Seaman",
  "formalWay": "Synology DiskStation Manager (DSM) 3.1\u4fee\u590d\u8be5\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u66f4\u65b0\uff1a\r\nhttp://www.synology.com/dsm/index.php",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2015-02262",
  "openTime": "2015-04-09",
  "patchDescription": "Synology DiskStation Manager\u662f\u7b2c\u4e00\u4e2a\u63d0\u4f9b\u7f51\u7edc\u591a\u4efb\u52a1\u5904\u7406\u7528\u6237\u63a5\u53e3\u7684NAS\u64cd\u4f5c\u7cfb\u7edf\u3002Synology DiskStation Manager Multicast DNS (mDNS) responder\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u901a\u8fc75353 UDP\u7aef\u53e3\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u6216\u8fdb\u884c\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Synology DiskStation Manager Multicast DNS (mDNS) responder\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Synology DiskStation Manager \u003c=3.0"
  },
  "referenceLink": "http://www.kb.cert.org/vuls/id/550620",
  "serverity": "\u4e2d",
  "submitTime": "2015-04-02",
  "title": "Synology DiskStation Manager Multicast DNS (mDNS) responder\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.