RSS   Vulnerabilities for 'Router manager'   RSS

2018-03-06
 
CVE-2018-7185

CWE-20
 

 
The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association.

 
 
CVE-2018-7184

CWE-20
 

 
ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704.

 
 
CVE-2018-7170

CWE-320
 

 
ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-2016-1549.

 
2017-08-28
 
CVE-2017-12077

 

 
Uncontrolled Resource Consumption vulnerability in SYNO.Core.PortForwarding.Rules in Synology Router Manager (SRM) before 1.1.4-6509 allows remote authenticated attacker to exhaust the memory resources of the machine, causing a denial of service attack.

 

 >>> Vendor: Synology 31 Products
DSM
Diskstation manager
Synology photo station
Ds photo+
Ds file
Ds audio
Cloud station
Photo station
Download station
Video station
Note station
Audio station
CHAT
Office
Photo station uploader
Assistant
Dns server
Router manager
Cloud station backup
Cloud station drive
Skynas
Virtual diskstation manager
Vs960hd firmware
Media server
Calendar
Drive
File station
Ds107 firmware
Ds116 firmware
Ds213 firmware
Vs960hd


Copyright 2019, cxsecurity.com

 

Back to Top