Monthly Archives: October 2014

qnap

QNAP releases fixes for ShellShock and SSL3 vulnerabilities

Leave a comment

QNAP Releases Qfix v1.0.2 to Fix Shellshock for Non-QTS 4.1.1 Build 1003 Users

Taipei, Taiwan, October 23, 2014 – QNAP® Systems, Inc. today released the Qfix for Bash security patch v1.0.2 (hereafter referred to as “this Qfix”) for its Turbo NAS lineup with an official GNU Bash patch update. This Qfix includes all fix as of QTS 4.1.1 Build 1003 and is suggested for all Turbo NAS users who have not updated to QTS 4.1.1 Build 1003.

This Qfix has fixed the GNU Bash Environment Variable Command Injection Vulnerability (CVE-2014-6271, CVE-2014-7169, CVE-2014-6277, CVE-2014-6278, CVE-2014-7186, and CVE-2014-7187), also known as “Shellshock,” that can allow attackers to gain remote control over UNIX/Linux-based systems, and is now available for Turbo NAS running QTS 3.8.x, QTS 4.0.x, QTS 4.1.0, and QTS 4.1.1 from QNAP’s official download site (http://www.qnap.com/download) for the following models:

  • TS-EC880 Pro, TS-EC1080 Pro, TS-EC880U-RP, TS-EC1280U-RP, TS-EC1680U-RP, TS-EC2480U-RP
  • TS-879 Pro, TS-1079 Pro, TS-879U-RP/EC879U-RP, TS-1279U-RP/EC1279U-RP, TS-1679U-RP/EC1679U-RP, SS-EC1279U-SAS-RP, SS-EC1879U-SAS-RP, SS-EC2479U-SAS-RP
  • TS-470, TS-470 Pro, TS-670, TS-670 Pro, TS-870, TS-870 Pro
  • TS-1270U-RP, TS-870U-RP, TS-1269U-RP, TS-869U-RP, TS-269 Pro/269L, TS-469 Pro/469L, TS-469U-RP/SP, TS-569 Pro/569L, TS-669 Pro/669L, TS-869 Pro/869L
  • SS-453 Pro, SS-853 Pro, TS-253 Pro, TS-453 Pro, TS-653 Pro, TS-853 Pro
  • TS-251, TS-451, TS-651, TS-851
  • HS-210, HS-251, IS-400 Pro
  • TS-121, TS-221, TS-421, TS-421U
  • TS-120, TS-220, TS-420, TS-420U
  • TS-119/119P+/119P II, TS-219/219P/219P+/219P II, TS-419P/419P+/419P II, TS-419U/419U+/419U II
  • TS-259 Pro/259 Pro+, TS-459 Pro/459 Pro+/459 Pro II, TS-459U-RP/SP, TS-459U-RP+/SP+, TS-559 Pro/559 Pro+/559 Pro II, TS-659 Pro/659 Pro+/659 Pro II, TS-859 Pro/859 Pro+, TS-859U/859U+
  • SS-439 Pro, SS-839 Pro, TS-239 Pro, TS-239H, TS-239 Pro II, TS-239 Pro II+, TS-439 Pro, TS-439 Pro II, TS-439 Pro II+, TS-439U RP/SP, TS-639 Pro
  • TS-110, TS-210, TS-410, TS-410U
  • TS-112/112P, TS-212/212P/212-E, TS-412, TS-412U
  • TS-509 Pro, TS-809 Pro, TS-809U-RP

This Qfix can be installed in the following steps:

  1. Select your model and download “Qfix for Bash security patch v1.0.2” from the QNAP website (http://www.qnap.com/download)
  2. Reboot your Turbo NAS before applying the Qfix.
  3. Go to “QTS> Control Panel> System Settings> Firmware Update> Firmware Update” to apply the Qfix

Users with further questions can contact QNAP Technical Support at: http://helpdesk.qnap.com

 

About QNAP

QNAP Systems, Inc., as its brand promise “Quality Network Appliance Provider”, aims to deliver comprehensive offerings of cutting edge network attached storage (NAS) and network video recorder (NVR) solutions featured with ease-of-use, robust operation, large storage capacity, and trustworthy reliability. QNAP integrates technologies and designs to bring forth quality products that effectively improve business efficiency on file sharing, virtualization applications, storage management and surveillance in the business environments, as well as enrich entertainment life for home users with the offering of a fun multimedia center experience. Headquartered in Taipei, QNAP delivers its solutions to the global market with nonstop innovation and passion.

Media Contacts

marketing@qnap.com

Tel: +886-2-2641-2000