CVE-2015-2809 Information

Description

The Multicast DNS (mDNS) responder in Synology DiskStation Manager (DSM) before 3.1 inadvertently responds to unicast queries with source addresses that are not link-local which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets to the Avahi component.

Reference

http://www.kb.cert.org/vuls/id/550620 http://www.kb.cert.org/vuls/id/BLUU-9TLSHD http://www.securityfocus.com/bid/73683