Multiple Vulnerabilities in tcpdump

Publish Time: 2017-02-17 00:00:00 UTC+8

Last Updated: 2017-02-17 12:00:00 UTC+8

Severity
Moderate
Status
Resolved

Abstract

Multiple security vulnerabilities have been found in tcpdump, a command-line network traffic analyzer. These vulnerabilities could allow denial of service or arbitrary code execution that could directly affect system availability.


Severity

Moderate


Affected

  • Products
    • DSM 6.1
    • DSM 6.0
    • DSM 5.2
  • Models
    • DS213+
    • DS413


Description

A remote attacker could send specially crafted data to crash the tcpdump network dissector or to execute arbitrary codes. This vulnerability could only affect DS213+ and DS413 models with system hibernation enabled.

The addressed vulnerabilities are listed below:

CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925, CVE-2016-7926, CVE-2016-7927, CVE-2016-7928, CVE-2016-7929, CVE-2016-7930, CVE-2016-7931, CVE-2016-7932, CVE-2016-7933, CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937, CVE-2016-7938, CVE-2016-7939, CVE-2016-7940, CVE-2016-7973, CVE-2016-7974, CVE-2016-7975, CVE-2016-7983, CVE-2016-7984, CVE-2016-7985, CVE-2016-7986, CVE-2016-7992, CVE-2016-7993, CVE-2016-8574, CVE-2016-8575, CVE-2017-5202, CVE-2017-5203, CVE-2017-5204, CVE-2017-5205, CVE-2017-5341, CVE-2017-5342, CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485, CVE-2017-5486


Mitigation

For administrators of DS213+ and DS413 models:

  1. Go to Control Panel > Hardware & Power > HDD Hibernation.
  2. Disable the Start system hibernation 60 seconds after HDD enters hibernation option.


Update Availability

Synology will release a DSM 6.1.1 update to address this issue in the comming weeks.


References

https://www.debian.org/security/2017/dsa-3775
https://isc.sans.edu/diary/Multiple+Vulnerabilities+in+tcpdump/22017
http://www.securitytracker.com/id/1037755