{"uuid": "cd798591-006a-4700-9a89-98bcf6e5fd07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-1158", "type": "seen", "source": "https://t.me/mikrotikninja/245", "content": "\u0412\u044b\u0448\u043b\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 RouterOS 6.42.7, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043f\u043e\u043c\u0438\u043c\u043e \u043f\u0440\u043e\u0447\u0438\u0445 \u043d\u043e\u0432\u043e\u0432\u0432\u0435\u0434\u0435\u043d\u0438\u0439 \u0437\u0430\u043a\u0440\u044b\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439: CVE-2018-1156, CVE-2018-1157, CVE-2018-1158, CVE-2018-1159\n\n\u041a\u0430\u0447\u0430\u0442\u044c \u0442\u0443\u0442: https://mikrotik.com/download\n\n\u041f\u0440\u043e\u0447\u0438\u0435 \u043d\u043e\u0432\u043e\u0432\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043a\u043e\u0441\u043d\u0443\u043b\u0438\u0441\u044c:\n - \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u0435 \u0440\u0430\u0431\u043e\u0442\u044b \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u043e\u0432 \u0441\u0435\u0440\u0438\u0438 CRS3XX\n - 60 GHZ\n - LTE\n - \u043c\u043d\u043e\u0433\u043e \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b ARM\n \n\u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439:\n\nMAJOR CHANGES IN v6.42.7:\n----------------------\n!) security - fixed vulnerabilities CVE-2018-1156, CVE-2018-1157, CVE-2018-1158, CVE-2018-1159;\n----------------------\n\n*) bridge - improved bridge port state changing process;\n*) crs326/crs328 - fixed untagged packet forwarding through tagged ports when pvid=1; \n*) crs3xx - added command that forces fan detection on fan-equipped devices; \n*) crs3xx - fixed port disable on CRS326 and CRS328 devices; \n*) crs3xx - fixed tagged packet forwarding without VLAN filtering (introduced in 6.42.6);\n*) crs3xx - fixed VLAN filtering when there is no tagged interface specified; \n*) dhcpv4-relay - fixed false invalid flag presence;\n*) dhcpv6-client - allow to set \"default-route-distance\";\n*) dhcpv6 - improved reliability on IPv6 DHCP services; \n*) dhcpv6-server - properly update interface for dynamic DHCPv6 servers;\n*) ethernet - improved large packet handling on ARM devices with wireless;\n*) ethernet - removed obsolete slave flag from \"/interface vlan\" menu;\n*) ipsec - fixed \"sa-src-address\" deduction from \"src-address\" in tunnel mode;\n*) ipsec - improved invalid policy handling when a valid policy is uninstalled; \n*) ldp - properly load LDP configuration; \n*) led - fixed default LED configuration for RBLHGG-5acD-XL devices; \n*) lte - added signal readings under \"/interface lte scan\" for 3G and GSM modes; \n*) lte - fixed memory leak on USB disconnect; \n*) lte - fixed SMS send feature when not in LTE network;\n*) package - do not allow to install out of bundle package if it already exists within bundle;\n*) ppp - fixed interface enabling after a while if none of them where active;\n*) sfp - hide \"sfp-wavelength\" parameter for RJ45 transceivers; \n*) tr069-client - fixed unresponsive tr069 service when blackhole route is present;\n*) upgrade - fixed RouterOS upgrade process from RouterOS v5; \n*) userman - fixed compatibility with PayPal TLS 1.2;\n*) vrrp - fixed VRRP packet processing on VirtualBox and VMWare hypervisors;\n*) w60g - added distance measurement feature;\n*) w60g - fixed random disconnects;\n*) w60g - general stability and performance improvements;\n*) w60g - improved MCS rate detection process;\n*) w60g - improved MTU change handling;\n*) w60g - properly close connection with station on disconnect;\n*) w60g - stop doing distance measurements after first successful measurement;\n*) winbox - added \"secondary-channel\" setting to wireless interface if 80 MHz mode is selected;\n*) winbox - fixed \"sfp-connector-type\" value presence under \"Interface/Ethernet\";\n*) winbox - fixed warning presence for \"IP/IPsec/Peers\" menu;\n*) winbox - properly display all flags for bridge host entries;\n*) winbox - show \"System/RouterBOARD/Mode Button\" on devices that has such feature;\n*) wireless - added option to disable PMKID for WPA2;\n*) wireless - fixed memory leak when performing wireless scan on ARM;\n*) wireless - fixed packet processing after removing wireless interface from CAP settings; \n*) wireless - updated \"united-states\" regulatory domain information;", "creation_timestamp": "2018-08-23T06:17:37.000000Z"}