I haven't had a chance yet to verify whether this affects any of the RouterOS v5.25 boxes I've deployed, but forwarding along FYI ...
---------- Forwarded message ---------- From: king cope <isowarez.isowarez.isowa...@googlemail.com> Date: Mon, Sep 2, 2013 at 9:45 AM Subject: [Full-disclosure] Mikrotik RouterOS 5.* and 6.* sshd remote preauth heap corruption To: full-disclos...@lists.grok.org.uk, bugt...@securityfocus.com, submissi...@packetstormsecurity.com Hello lists, here you find the analysis of a vulnerability I recently discovered. Mikrotik RouterOS 5.* and 6.* sshd remote preauth heap corruption http://kingcope.wordpress.com/2013/09/02/mikrotik-routeros-5-and-6-sshd-remote-preauth-heap-corruption/ Additionally it includes a way to drop into a development shell for recent Mikrotik RouterOS versions. Cheers :> Kingcope _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- Ben West http://gowasabi.net b...@gowasabi.net 314-246-9434
_______________________________________________ Wireless mailing list Wireless@wispa.org http://lists.wispa.org/mailman/listinfo/wireless