DSM 4.2-3247

Publish Time: 2014-03-20 00:00:00 UTC+8

Last Updated: UTC+8

Status: Resolved

Description

DSM 4.2-3247 addresses vulnerabilities below:

A vulnerability related to OpenSSL (CVE-2013-4353).
Two vulnerabilities in PHP to allow remote code execution, denial of service and man-in-the-middle attacks. (CVE-2013-4073, CVE-2013-6420).
A vulnerability to allow malicious attacks via NTP service (CVE-2013-5211).
Two security vulnerabilities of Windows File Services (SMB) to allow unauthorized access. (CVE-2013-4408, CVE-2012-6150)

Resolution

To fix the security issue, please to go to DSM > Control Panel > DSM Update page, install the latest updates to protect DiskStation from malicious attacks.