New CERT vulnerability that can leave you vulnerable to a Man-in-the-Middle attack


Just learning about this now, seems a patch was pushed to dnsmasq. Anyone know if this patch has made its way to OpenWrt and if so, how to enable per " The next release of dnsmasq includes an option ( dhcp-ignore-names ) that can be used to mitigate the attack at the source, but we haven’t heard how Simon will act on this new vulnerability." source;

1 Like