Synology Information for VU#550620

Multicast DNS (mDNS) implementations may respond to unicast queries originating outside the local link

Status

Affected

Vendor Statement

This vulnerability "has been patched already since 2011 (DSM 3.1 & later versions). ... Despite of that, we will still upgrade avahi to 0.6.31 on the latest DSM 5.2 beta release and further versions."

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

None

Addendum

While recent versions do not appear vulnerable, if you are running old software, please update to the latest version.

If you have feedback, comments, or additional information about this vulnerability, please send us email.