Buffalo Forums

Products => Storage => : timgowen August 19, 2019, 04:02:17 AM

: CVE Vulnerabilities in LinkStation LS-220D
: timgowen August 19, 2019, 04:02:17 AM

I have updated the firmware on the LS220D but the vulnerabilities list
CVE ID: CVE-2000-1200
CVE ID: CVE-1999-0519
CVE ID: CVE-1999-1593
CVE ID: CVE-2000-0673

Is there a page where I can see which vulnerabilites are resolved by different levels of firmware? There's a chance that the scan report is from before the update but I believe it's current.

: Re: CVE Vulnerabilities in LinkStation LS-220D
: oxygen8 August 19, 2019, 05:34:02 AM

https://s3.eu-central-1.amazonaws.com/buffalo-downloads/LS200_series_FW_1.70_changelog.pdf

: Re: CVE Vulnerabilities in LinkStation LS-220D
: 1000001101000 August 19, 2019, 06:31:36 AM

Remember CVEs include the date. These are from 1999/2000 which is a clue that’s probably not reporting a bug in a 2018 version of the firmware fixed in 2019.

It looks like one of these is reporting that you have a share which has public permissions another is a warning about a denial of service weakness inherent to the NETBIOS protocol. These are things that require evaluating your configuration to address.