{"uuid": "4e28114e-0f25-4ccf-b9df-f58ec15aebf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-19299", "type": "published-proof-of-concept", "source": "https://t.me/mtikpro/129", "content": "\u041d\u0430 \u0444\u043e\u0440\u0443\u043c\u0435 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u043e\u0432 UKNOF 46 9 \u0430\u043f\u0440\u0435\u043b\u044f \u043e\u0431\u0435\u0449\u0430\u044e\u0442 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0434\u0435\u0442\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u0437\u044b\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 RouterOS, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u043f\u043e #IPv6.\n\nhttps://indico.uknof.org.uk/event/46/contributions/667/\n\n\u0418\u0437 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f:\nDuring some research which found CVE-2018-19298 (MikroTik IPv6 Neighbor Discovery Protocol exhaustion), I uncovered a larger problem with MikroTik RouterOS\u2019s handling of IPv6 packets. This led to CVE-2018-19299, an unpublished and as yet unfixed (despite almost one year elapsing since vendor acknowledgement) vulnerability in RouterOS which allows for remote, unauthenticated denial of service. Unpublished\u2026 until UKNOF 43!\n\n\u041e\u0442\u0432\u0435\u0442 \u043e\u0442 normis (MikroTik Support) https://forum.mikrotik.com/viewtopic.php?f=2&t=147048\n\n28 Mar 2019, 16:50\nWe are aware of this issue and are working on it.\n\n-----\n\u0414\u0435\u0442\u0430\u043b\u0435\u0439 \u043f\u043e\u043a\u0430 \u043d\u0435\u0442, \u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e \u0432\u043d\u0438\u043c\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u043d\u043e\u0432\u043e\u0441\u0442\u044f\u043c\u0438 \u043d\u0430 \u0444\u043e\u0440\u0443\u043c\u0435 MikroTik \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 RouterOS.", "creation_timestamp": "2019-04-07T12:15:50.000000Z"}