[AusNOG] Mikrotik IPv6 Vulnerability - Must Read if you have Public IPv6 Facing Mikrotik

Alex Samad alex at samad.com.au
Sun Mar 31 17:51:13 EST 2019 

Sigh, how long have they promised V7 ...
Think it was coming soon 7years ago

Multithreaded BGP !

"
* There's a comment 'The fix is in v7' - theres a long running joke that v7
will never emerge (it probably never will, they've lost most of their
senior engineers, and refuse to open source their code to leverage their
developers in the community)
"
is this whispers or documented somewhere ?


What would some suggest as a good replacement ?

A



On Sat, 30 Mar 2019 at 09:48, Philip Loenneker <
Philip.Loenneker at tasmanet.com.au> wrote:

> Unfortunately this apparently fixes 2x softlock issues, but not a memory
> leak that results in a reboot of the device.
>
> You can read from here on to see more information:
>
> https://forum.mikrotik.com/viewtopic.php?f=2&t=147048#p723977
>
>
>
> Regards,
>
> *Philip Loenneker | Network Engineer** | TasmaNet*
>
>
>
> *From:* AusNOG <ausnog-bounces at lists.ausnog.net> *On Behalf Of *Shane Clay
> *Sent:* Friday, 29 March 2019 10:08 PM
> *To:* ausnog at lists.ausnog.net
> *Subject:* Re: [AusNOG] Mikrotik IPv6 Vulnerability - Must Read if you
> have Public IPv6 Facing Mikrotik
>
>
>
> Looks like a fix is on the way:
>
>
>
> What's new in 6.45beta22 (2019-Mar-29 08:37):
>
> Changes in this release:
>
> !) ipv6 - fixed soft lockup when forwarding IPv6 packets (CVE-2018-19299);
>
> !) ipv6 - fixed soft lockup when processing large IPv6 Neighbor table
> (CVE-2018-19298);
>
>
>
> https://mikrotik.com/download/changelogs/testing-release-tree
>
>
>
>
>
> Shane Clay
>
> Caznet
>
>
>
>
>
> *From:* AusNOG <ausnog-bounces at lists.ausnog.net> *On Behalf Of *Noel
> Butler
> *Sent:* Friday, 29 March 2019 12:02 PM
> *To:* ausnog at lists.ausnog.net
> *Subject:* Re: [AusNOG] Mikrotik IPv6 Vulnerability - Must Read if you
> have Public IPv6 Facing Mikrotik
>
>
>
> On 29/03/2019 11:17, Mike Everest wrote:
>
> On the point of "the fix is in v7"
>
>
>
>
>
> v7  has for a great many years, been code for  "too hard basket"
>
>
>
> --
>
> Kind Regards,
>
> Noel Butler
>
> This Email, including any attachments, may contain legally privileged
> information, therefore remains confidential and subject to copyright
> protected under international law. You may not disseminate, discuss, or
> reveal, any part, to anyone, without the authors express written authority
> to do so. If you are not the intended recipient, please notify the sender
> then delete all copies of this message including attachments, immediately.
> Confidentiality, copyright, and legal privilege are not waived or lost by
> reason of the mistaken delivery of this message. Only PDF
> <http://www.adobe.com/> and ODF
> <http://en.wikipedia.org/wiki/OpenDocument> documents accepted, please do
> not send proprietary formatted documents
>
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20190331/4eb79353/attachment.html>

More information about the AusNOG mailing list