Vulnerability in QNAP TS-239 Pro and TS-639 Pro Affects Firmware Security
CVE-2009-3279

Currently unrated

Key Information:

Vendor

Qnap
Status
Ts-239 Pro Turbo Nas
Ts-639 Pro Turbo Nas
Vendor
CVE Published:
21 September 2009

What is CVE-2009-3279?

The QNAP TS-239 Pro and TS-639 Pro devices with specified firmware versions utilize AES-256 encryption in plain CBC mode to create LUKS partitions. This implementation flaw enables local users to potentially extract sensitive information through a watermark attack, compromising data integrity and confidentiality.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.baseline-security.de/downloads/BSC-Qnap_Crypto...
x_refsource_MISC
http://secunia.com/advisories/36793
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/archive/1/506607/100/0/threaded
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.