DSM 5.0-4493

Publish Time: 2014-06-04 00:00:00 UTC+8

Last Updated: UTC+8

Status
Resolved

Description

DSM 5.0-4493 addresses vulnerabilities below:

  • A security issue in the system kernel that allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings. (CVE-2014-0196).
  • A PHP security issue that allows remote attackers to cause denial of service attacks to degrade the performance of target servers. (CVE-2014-0237)
  • An OpenSSL security issue that allows remote attackers to inject data across sessions or cause a denial of service attack via SSL connection in a multi-threaded environment. (CVE-2010-5298)

Resolution

To fix the security issues, please go to DSM > Control Panel > Update & Restore > DSM Update page and install the latest updates to protect DiskStation from malicious attacks.