Important Information Regarding NTP Vulnerability (CVE-2016-9310)
Publish Time: UTC+8
Last Updated: UTC+8
- Severity: Low
- Status: Resolved
Description
A security vulnerability in the NTP service (CVE-2016-9310) has been identified that allows an unauthenticated remote attacker to bypass legitimate monitoring and trigger DDoS (Distributed Denial of Service) attacks.
Even though the impact of this vulnerability on Synology NAS is limited, Synology is now working on a DSM 6.0 update to address it as a precaution.
Severity
Low
Summary
Synology's default NTP service configuration is not vulnerable to CVE-2016-9310.
Mitigation
Enable the firewall to allow NTP traffic from trusted devices only.
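One way to check a ruleset against this mitigation, as an added example that is not part of Synology's advisory: it assumes the firewall rules are available as an IPv4 `iptables-save` dump and inspects only INPUT rules that name UDP port 123 explicitly. The function names, the sample rulesets and the trusted range 192.168.1.0/24 are constructed for illustration.

```python
import ipaddress

def _opt(tok, *names):
    """Return the argument following the first of `names` present in tok."""
    for name in names:
        if name in tok:
            return tok[tok.index(name) + 1]
    return None

def audit_ntp_exposure(ruleset, trusted_cidrs):
    """Audit the INPUT chain of an IPv4 iptables-save dump for udp/123 exposure."""
    trusted = [ipaddress.ip_network(c) for c in trusted_cidrs]
    policy, findings = "ACCEPT", []
    for line in ruleset.splitlines():
        tok = line.split()
        if tok[:1] == [":INPUT"]:
            policy = tok[1]          # chain default, e.g. ":INPUT DROP [0:0]"
        if tok[:2] != ["-A", "INPUT"]:
            continue
        if (_opt(tok, "-p", "--protocol") != "udp"
                or _opt(tok, "--dport", "--destination-port") != "123"):
            continue                 # only explicit udp/123 rules are examined
        if "!" in tok:
            findings.append("negated match, review by hand: " + line.strip())
            continue
        src = ipaddress.ip_network(_opt(tok, "-s", "--source") or "0.0.0.0/0", strict=False)
        target = _opt(tok, "-j", "--jump")
        if target == "ACCEPT" and not any(src.subnet_of(t) for t in trusted):
            findings.append(f"NTP accepted from untrusted source {src}")
        if src.prefixlen == 0 and target in ("ACCEPT", "DROP", "REJECT"):
            return findings          # first match wins; later udp/123 rules are unreachable
    if policy == "ACCEPT":
        findings.append("untrusted NTP traffic falls through to INPUT policy ACCEPT")
    return findings

# Constructed sample rulesets (not taken from a real device).
WEAK = """*filter
:INPUT ACCEPT [0:0]
-A INPUT -p udp -m udp --dport 123 -j ACCEPT
COMMIT"""
HARDENED = """*filter
:INPUT ACCEPT [0:0]
-A INPUT -s 192.168.1.0/24 -p udp -m udp --dport 123 -j ACCEPT
-A INPUT -p udp -m udp --dport 123 -j DROP
COMMIT"""

if __name__ == "__main__":
    for name, rules in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_ntp_exposure(rules, ["192.168.1.0/24"]) or "ok")
```

An empty result means every explicit udp/123 ACCEPT rule is limited to the trusted ranges and the remaining NTP traffic is dropped or rejected.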
Update Availability
Synology will release a DSM 6.0 update (6.0.2-8451-5) to address this issue in the coming weeks.
References
http://support.ntp.org/bin/view/Main/NtpBug3118
http://bugs.ntp.org/show_bug.cgi?id=3118
https://www.kb.cert.org/vuls/id/633847
https://thehackernews.com/2016/11/ntp-server-vulnerability.html