Author Topic: vulnerability found in Buffalo TeraStation!!!  (Read 144 times)

jangiskhan

  • Calf
  • *
  • Posts: 1
vulnerability found in Buffalo TeraStation!!!
« on: August 23, 2019, 08:40:22 am »
I am using Buffalo TeraStation -- TS-X8.0TL/R5 model

 

there is 4 vulnerability found.
1.Remote User List Disclosure Using NetBIOS
2.Null Session/Password NetBIOS Access

How to fix the vulnerability

1000001101000

  • Debian Wizard
  • El Toro
  • ****
  • Posts: 321
  • There's no problem so bad you cannot make it worse
Re: vulnerability found in Buffalo TeraStation!!!
« Reply #1 on: August 23, 2019, 09:52:52 am »
Someone else posted about what I believe to be the same thing (they included the CVE#'s from their results).

That thread is here:
http://forums.buffalotech.com/index.php?topic=28463.msg95114#msg95114

Part of working with vulnerability scanners is reading the results and researching the specific vulnerabilities being reported and determining how to deal with them. This often involves configuration changes like changing weak passwords, removing public permissions or even disabling unneeded features.

Eastmarch

  • 1500 Lb Water Buffalo
  • Administrator
  • *****
  • Posts: 322
Re: vulnerability found in Buffalo TeraStation!!!
« Reply #2 on: September 06, 2019, 12:08:10 pm »
TS-X is EOL and will likely only get truly security-shattering patches.

Those two are common and not exactly 'vulnerabilities' in the sense that unauthorized attackers can execute code on the box. Those are more a 'security hygiene' issue.
**A single copy of data, even on a RAID array, is NOT a backup! Hard drive failure is not a question of IF, but WHEN! Don't take my word for it, take Google's!**