Publish Time: 2017-11-21 19:17:51 UTC+8
Last Updated: 2018-01-12 11:23:01 UTC+8
Abstract
Multiple security vulnerabilities have been found in Samba that allow remote attackers to launch a denial-of-service attack, retrieve sensitive information, or possibly execute arbitrary code via a vulnerable version of Synology DiskStation Manager (DSM) or Synology Router Manager (SRM).
Severity
Affected
Description
Mitigation
For DSM 6.1
For DSM 6.0
sudo /usr/bin/sed -i '/min protocol/d' /etc/samba/smb.conf && sudo sh -c "echo 'min protocol=SMB2' >> /etc/samba/smb.conf" && sudo /sbin/restart smbd
For DSM 5.2
/bin/sed -i '/min protocol/d' /usr/syno/etc/smb.conf && /bin/sed -i "/\[global\]/a min protocol=SMB2" /usr/syno/etc/smb.conf && /sbin/restart smbd
For SRM 1.1
/bin/sed -i '/min protocol/d' /usr/syno/etc/smb.conf && /bin/sed -i "/\[global\]/a min protocol=SMB2" /usr/syno/etc/smb.conf && /sbin/restart smbd
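One way to confirm that the mitigation above took effect, as an added example that is not part of Synology's advisory. The function names are hypothetical, and the check assumes Samba's usual parsing: parameter names ignore case and spaces, "server min protocol" is the long form of "min protocol", and the last assignment in [global] wins.

```shell
#!/bin/sh
# Added example (not from the advisory): check the "min protocol" mitigation.

# smb_min_protocol FILE
# Prints the effective "min protocol" value from [global], or nothing if unset.
# A setting that sits under a share section is deliberately not counted.
smb_min_protocol() {
    awk '
        /^[ \t]*[#;]/ { next }                      # skip comment lines
        /^[ \t]*\[/ {                               # section header
            s = tolower($0); gsub(/[ \t\r]/, "", s)
            in_global = (s == "[global]"); next
        }
        in_global {
            eq = index($0, "=")
            if (eq == 0) next
            key = tolower(substr($0, 1, eq - 1)); gsub(/[ \t]/, "", key)
            val = toupper(substr($0, eq + 1));    gsub(/[ \t\r]/, "", val)
            if (key == "minprotocol" || key == "serverminprotocol") last = val
        }
        END { if (last != "") print last }
    ' "$1"
}

# smb1_disabled FILE
# Returns 0 only if [global] sets min protocol to an SMB2 or SMB3 dialect.
smb1_disabled() {
    case "$(smb_min_protocol "$1")" in
        SMB2*|SMB3*) return 0 ;;
        *)           return 1 ;;
    esac
}

# Constructed sample input, shaped like the result of the DSM 5.2 / SRM 1.1 command.
sample=$(mktemp)
printf '%s\n' '[global]' 'min protocol=SMB2' 'workgroup=WORKGROUP' > "$sample"
if smb1_disabled "$sample"; then
    echo "min protocol is $(smb_min_protocol "$sample"): SMB1 disabled"
else
    echo "SMB1 still allowed"
fi
rm -f "$sample"
```

On a device, pass the path the command for that release edits: /etc/samba/smb.conf or /usr/syno/etc/smb.conf.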
Update Availability
To fix the security issue, please update DSM 6.1 to 6.1.4-15217-2 or above.
For DSM 5.2 and DSM 6.0 users, please update DSM to 6.1.4-15217-2 or above.
Reference