[GTER] Mikrotik IPv6 remote crash attack
fhfrediani at gmail.com
Mon Apr 1 08:59:51 -03 2019
If it is neither a bug nor a vulnerability, what would the appropriate term be?
On Sun, 31 Mar 2019, 23:49 Rubens Kuhl, <rubensk at gmail.com> wrote:
> On Thu, Mar 28, 2019 at 8:10 PM Job Snijders <job at ntt.net> wrote:
> > Dear all,
> > Word on the streets is that there is a serious bug in Mikrotik's IPv6
> > implementation. Given the popularity of Mikrotik in the Brasil region,
> > it would perhaps be good to keep an eye on the following:
> > https://forum.mikrotik.com/viewtopic.php?t=147048
> Mikrotik has now disclosed itself what the bugs are:
> "There were two IPv6 related issues resolved in this version:
> 1) IPv6 packet forwarding might get stuck (due to IPv6 route cache
> processing) that could lead to Watchdog reboot;
> 2) IPv6 neighbor table processing might get stuck (due to large neighbor
> table) that could lead to Watchdog reboot.
> Seems that one of these was considered as CVE and another one was not.
> Since author of these CVEs still has a problem, seems that actually #1 was
> not included in this CVE. However, this "problem" actually is not much of
> an issue. RouterOS IPv6 route cache max size by default is 1 million. If
> you try to reach 1 million hosts in your network, route cache grows and can
> take up to 500 MB. If you have device that does not have such resources, it
> will reboot itself. If router has, for example, 1 GB of RAM - there is no
> problem. We will most likely allow to change cache size or will decide its
> size based on RAM size. However, it can not be considered as a bug or
> vulnerability. You make router work and then complain that resources are
> required to do the job. This is not a bug."