Synology-SA-17:40 libsoup
Publish Time: UTC+8
Last Updated: UTC+8
- Severity: Important
- Status: Resolved
Abstract
CVE-2017-2885 allows a man-in-the-middle attacker to cause a denial of service or execute arbitrary code on a vulnerable version of File Station.
Severity
- Impact: Important
- CVSS3 Base Score: 7.3
- CVSS3 Base Metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected
- Products
  - File Station before 1.1.1-0103
  - DSM 6.0
  - DSM 5.2
  - DSM 5.1
- Models
  - All Synology models
Description
A stack-based buffer overflow flaw was discovered within the HTTP processing of libsoup. A remote attacker could exploit this flaw to cause a crash or, potentially, execute arbitrary code by sending a specially crafted HTTP request to a server using the libsoup HTTP server functionality or by tricking a user into connecting to a malicious HTTP server with an application using the libsoup HTTP client functionality.
Mitigation
None
Update Availability
To fix the security issue, please go to DSM > Package Center and update File Station to 1.1.1-0103 or above.
For DSM 5.2 and DSM 6.0, please update to 6.0.3-8754-6 or above.
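The fixed releases above are the only actionable data in this advisory, and on a fleet of DiskStations the question is simply which boxes still sit below them. The following checker is an added example written for this page, not Synology's own tooling: it parses Synology-style version strings (package versions such as 1.1.1-0103 are version-build, DSM releases such as 6.0.3-8754-6 are version-build-update) into numerically comparable tuples and compares them against the advisory's thresholds. It assumes the key="value" layout of DSM's /etc.defaults/VERSION file (productversion, buildnumber, smallfixnumber) and that `synopkg version FileStation` reports the installed package version; the VERSION file content embedded below is constructed sample input, not taken from a real device.

```python
import re
from typing import Dict, Tuple

# Fixed releases named in the advisory's "Update Availability" section.
FILE_STATION_FIXED = "1.1.1-0103"
DSM_FIXED = "6.0.3-8754-6"

# version-build with an optional trailing update number, e.g. "1.1.1-0103",
# "6.0.3-8754-6" or "6.1-15047".
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)-(\d+)(?:-(\d+))?$")


def parse_version(v: str) -> Tuple[Tuple[int, ...], int, int]:
    """Turn a Synology-style version string into a comparable tuple.

    Components are compared numerically, so the zero-padded package build
    "0103" equals 103 and "6.10" sorts after "6.9". A missing update number
    counts as 0, so "6.0.3-8754" is older than "6.0.3-8754-6".
    """
    m = _VERSION_RE.match(v.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {v!r}")
    dotted, build, update = m.groups()
    return tuple(int(x) for x in dotted.split(".")), int(build), int(update or 0)


def is_fixed(installed: str, fixed: str) -> bool:
    """True when `installed` is the fixed release or newer."""
    return parse_version(installed) >= parse_version(fixed)


def dsm_version_from_version_file(text: str) -> str:
    """Rebuild "productversion-buildnumber-smallfixnumber" from the key="value"
    lines of DSM's /etc.defaults/VERSION file (assumed layout)."""
    kv: Dict[str, str] = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        kv[key.strip()] = value.strip().strip('"')
    version = f"{kv['productversion']}-{kv['buildnumber']}"
    smallfix = kv.get("smallfixnumber")
    if smallfix:
        version += f"-{smallfix}"
    return version


def assess(file_station_version: str, version_file_text: str) -> Dict[str, bool]:
    """Report whether each component is at or above the advisory's fixed release."""
    dsm_version = dsm_version_from_version_file(version_file_text)
    return {
        "file_station_fixed": is_fixed(file_station_version, FILE_STATION_FIXED),
        "dsm_fixed": is_fixed(dsm_version, DSM_FIXED),
    }


# Constructed sample input (not from a real device): a DSM 6.0 box that is
# two updates behind the fixed release.
SAMPLE_VERSION_FILE = '''\
majorversion="6"
minorversion="0"
productversion="6.0.3"
buildnumber="8754"
smallfixnumber="4"
'''

if __name__ == "__main__":
    # On a real DiskStation the inputs would come from
    # `synopkg version FileStation` (assumed) and `cat /etc.defaults/VERSION`.
    print(assess("1.1.1-0102", SAMPLE_VERSION_FILE))
    # {'file_station_fixed': False, 'dsm_fixed': False}
```

Both components are checked independently because the advisory ships the fix in two places: the File Station package and the DSM release. A box reporting `dsm_fixed: True` but `file_station_fixed: False` still needs the Package Center update. DSM 5.x versions parse with the same routine and always fall below 6.0.3-8754-6, which matches the advisory's instruction to move those systems to the fixed DSM 6.0 release.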
Reference