DSM 5.0-4493 Update 1

Publish Time: 2014-06-11 00:00:00 UTC+8

Last Updated: UTC+8

Status: Resolved

Description

The upgrade of OpenSSL in DSM 5.0-4493 Update 1 addresses the following security vulnerabilities:

a vulnerability that allows remote attackers to exploit a weakness to perform a man-in-the-middle attack in certain OpenSSL-to-OpenSSL communications and obtain sensitive information. (CVE-2014-0224)
a vulnerability that allows remote attackers to execute arbitrary code or cause a denial of service via a long non-initial fragment. (CVE-2014-0195)
several vulnerabilities that allow remote attackers to perform various kinds of DoS attacks. (CVE-2014-0221, CVE-2014-0198, CVE-2010-5298,CVE-2014-3470)

Resolution

To fix the security issues, please go to DSM > Control Panel > Update & Restore> DSM Update and install the latest updates to protect your DiskStation from malicious attacks.