We use cookies to help us improve our webpage. Please read our Cookie Policy.

Synology-SA-18:47 Samba

Publish Time: 2018-08-16 16:36:23 UTC+8

Last Updated: 2018-08-16 16:36:23 UTC+8

Severity
Important
Status
Ongoing

Abstract

CVE-2018-10858 allows man-in-the-middle attackers to execute arbitrary code via a susceptible version of Active Backup for Server.

CVE-2018-10919 allows remote authenticated users to obtain sensitive information via a susceptible version of Active Directory Server.

None of Synology DiskStation Manager (DSM), Synology Router Manager (SRM), and Directory Server are affected by CVE-2018-1139, CVE-2018-1140, or CVE-2018-10918 as these vulnerabilities only affect Samba 4.7 or above.

Affected Products

Product Severity Fixed Release Availability
DSM 6.2 Not affected N/A
DSM 6.1 Not affected N/A
DSM 5.2 Not affected N/A
SkyNAS Not affected N/A
SRM 1.1 Not affected N/A
VS960HD Not affected N/A
Directory Server Not affected N/A
Active Directory Server Moderate Ongoing
Active Backup for Server Important Ongoing

Mitigation

None

Detail

Reserved

Reference

Revision

Revision Date Description
1 2018-08-16 Initial public release.