The Graveyard - Products No Longer Supported > DNR-202L

DNR-202L - Firmware Security Patch v2.05.01 Released

(1/6) > >>

GreenBay42:
A firmware patch has been released.

Firmware --> ftp://FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DNR-202L/REVA/DNR-202L_REVA_FIRMWARE_PATCH_v2.05.01.zip

Release Notes:

Vulnerability ID: CVE-2012-5958   

Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.

nukemedic:
Glad to hear that security is being maintained. 

But I noticed that the button and tab descriptions all seem incorrect now - looks like variable names are being used instead of labels?

FurryNutz:
Please give a example of what your seeing or screen capture please.
Adding Screenshots In A Post

What browser are you using?


--- Quote from: nukemedic on December 23, 2017, 07:15:34 AM ---Glad to hear that security is being maintained. 

But I noticed that the button and tab descriptions all seem incorrect now - looks like variable names are being used instead of labels?

--- End quote ---

nukemedic:
latest safari on mac running sierra (not high sierra yet)

this is the first page, all pages are like this, settings pages even worse

FurryNutz:
Ok, I can confirm this as well:


Grammer Check:


Seen in both Safari and FF ESR (v52)

I'll pass this one to D-Link for review.

Navigation

[0] Message Index

[#] Next page

Go to full version