11 matches found
EUVD-2009-3262
Malware in sbrugna...
Information disclosure
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 create a LUKS partition by using the AES-256 cipher in plain CBC mode, which allows local users to obtain sensitive information via a watermark attack...
CVE-2009-3279
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 create a LUKS partition by using the AES-256 cipher in plain CBC mode, which allows local users to obtain sensitive information via a watermark attack...
CVE-2009-3200
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 create an undocumented recovery key and store it in the ENCK variable in flash memory, which allows local users to bypass the passphrase requirement and decrypt the hard drive by reading this variable,...
Design/Logic Flaw
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 create an undocumented recovery key and store it in the ENCK variable in flash memory, which allows local users to bypass the passphrase requirement and decrypt the hard drive by reading this variable,...
Design/Logic Flaw
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 use the rand library function to generate a certain recovery key, which makes it easier for local users to determine this key via a brute-force attack...
CVE-2009-3278
The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 use the rand library function to generate a certain recovery key, which makes it easier for local users to determine this key via a brute-force attack...
CVE-2009-3279
CVE-2009-3279 (and related CVE-2009-3200) affects QNAP TS-239 Pro/TS-639 Pro firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815: the firmware creates a LUKS partition using AES-256 in plain CBC mode, enabling local users to obtain sensitive information via a watermark attack; an undocumented recovery key stored in fl...
CVE-2009-3200
The CVE-2009-3200 entry describes a vulnerability in QNAP TS-239 Pro and TS-639 Pro devices running firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815. An undocumented recovery key is created and stored in the ENCK variable in flash memory, allowing local users to bypass the passphrase and decrypt t...
CVE-2009-3278
The CVE-2009-3278 entry concerns the QNAP TS-239 Pro and TS-639 Pro (firmware 2.1.7 0613, 3.1.0 0627, 3.1.1 0815). The vulnerability stems from using the rand library function to generate a recovery key, which makes it easier for local users to brute-force and determine this key. The connected do...
Advisory: Crypto backdoor in Qnap storage devices (CVE-2009-3200)
Title: Crypto backdoor in Qnap storage devices
Date: 18 September 2009
URL: http://www.baseline-security.de/downloads/BSC-QnapCryptoBackdoor-CVE-2009-3200.txt
Vendor: QNAP Systems
Products verified: TS-239 Pro, TS-639 Pro
Products unverified: SS-439 Pro, TS-439 Pro, TS-439U-SP/RP, TS-509 Pro,...