![]() This has been reserved and not been made widely public yet. A remote attacker could use this to cause a denial of service. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. ![]() Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON. Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system via a crafted HTTP POST request. Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory exhaustion vulnerability. Please secure your router after downgrading. !) user – removed insecure password storage ĭue to removal of compatibility with old version passwords in this version, downgrading to any version prior to v6.43 (v6.42.12 and older) will clear all user passwords and allow password-less authentication. !) security – fixed vulnerability CVE-2019-13074 !) ike2 – added support for EAP authentication methods (eap-tls, eap-ttls, eap-peap, eap-mschapv2) as initiator !) dot1x – added support for IEEE 802.1X Port-Based Network Access Control Some of these have been known and fixed before, while others are new fixes Mikrotik has released RouterOS 6.45.1 with some security vulnerability fixes.
0 Comments
Leave a Reply. |