-
1/2 If you run Linux somewhere (desktop, routers, IoT, …) and use
#dnsmasq check out these vulnerabilities (3 RCE, 1 info leak and 3 DoS) we discovered. Exploitable through DNS and DHCP. https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html … -
-
Many fixes for vulnerable
#dnsmasq. Here’s what you need to know to keep your network secure: http://red.ht/2xVJWb6#infosec -
2/2 Quite big and could take a long time to get good patch coverage. PoCs for the
#Dnsmasq vulnerabilities can be found at https://github.com/google/security-research-pocs/tree/master/vulnerabilities/dnsmasq … Very proud of the team! -
If you manage a corporate network / you have a custom DNS setup / you don't like
#DoH (DNS-over-HTTPS), you can use the following line in#dnsmasq to make#Firefox (and perhaps other clients) keep using standard DNS: (Warning: disable DoH only if you understand it)pic.twitter.com/BREFNARdLX
Prikaži ovu nit -
Don’t forget that open source tools are used in many commercial solutions! Patch, patch and patch again… (ex:
@Synology uses#dnsmasq) pic.twitter.com/t7kNqnD7St
-
Damn
@fjserna & team :) . Now our SOHO routers (amongst others) are (even more) exposed. Multiple vulns in#dnsmasq: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html … -
5 days into PoC
#exploit to#dnsmasq 1,131K devices available on public internet.#patch and#detect today#CyberAware#CyberSecuritypic.twitter.com/KgQN5gJynL
-
Serious vulnerabilities found in
#dnsmasq: https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html … -
Installed
#dnscrypt on the local server, along with#dnsmasq. pic.twitter.com/yrN9VgZw5i
-
Multiple RCE in dnsmasq, now patched https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html …
#dnsmasq#linux#vulnerability -
Yes, it's horrible. When you have to symlink dns resolver config, you know you're a shit developer. I switched over to
#dnsmasq entirely because of this mess. -
[VUL]
#Dnsmasq#vulnerability puts home#routers and#IoT devices at risk. Read now: https://goo.gl/tNgsPG#Cybersecurity#security -
I just found
#dnsmasq's --ipset option. Now I finally can make a DNS-Based routing, so proxy-sensitive apps can use my non-VPN'd-gateway :-D -
Clippy: It looks like what you're trying to do is DNS spoofing, would you like help?
#dnsmasq pic.twitter.com/IhtWlJvnMJ
-
A search on Shodan shows approximately 1.1 million internet-facing devices currently running
#Dnsmasq services. https://www.bitdefender.com/box/blog/router/dnsmasq-vulnerability-puts-home-routers-iot-devices-risk/?cid=soc|box|tw|noncomm … -
Get
#OpenVPN 2.4.4 or#DNSMASQ 2.78, upgrade to@opnsense 17.7.5 Still not using#OPNsense? Get your free download https://opnsense.org pic.twitter.com/nEmUj9QbmS
-
18.7.6 has been released.
#patchday#unbound#dnsmasq#api https://forum.opnsense.org/index.php?topic=10055.0 … -
The difficulties in setting up
#DNS the way I wanted to was the first reason I moved away from#systemd based distros. Setting up#dnsmasq +#dnscrypt-proxy for#DoH + host based blocking is a piece of cake in@VoidLinux.https://twitter.com/BrianLPond/status/1180874996266090496 …
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.
The