CVE-2017-14493 affects routers



  • Hello,
    I have found this announcement. Said bug affects android,linux and some routers.
    Address space randomization affected.

    My 4680 was nearly bricked last nite and now is semi-normal very odd its less than 3 months old.
    Factory restore DID NOT ERASE FILES I HAD CREATED WHY?
    I WANT A HARDER RESET! Will dd it's next time.

    Is there a preferred set of tty options for the console?
    Sincerely,
    JC Magras





  • I was expecting something along the lines of an official response. I spent $1500 here.
    What tty options do YOU use to access the console because my console has problems showing a clean unjumbled menu .(see img)and a consistent web response. THANK you.



  • Banned

    Dude WTH does your console have to do with dnsmasq?



  • WTH? Course words for this establishment.
    The console jumbling I interpret as misconfiguration
    (hence my solicitation of other's settings) or being infected.
    Suggestions welcome. Is there anything deeper than the factory reset?
    Thank you,
    JC Magras


  • Banned

    Huh, what establishment?

    You start a (yet another duplicate) topic about dnsmasq CVE-2017-14493 in a completely wrong forum section – and instead of at least sticking with the topic, you go on with some random ramblings about bricking, reset and serial console.

    What problem with dnsmasq are you trying to solve with random resets and serial console? dnsmasq is not even used by default on pfSense >=2.3.


  • Rebel Alliance Developer Netgate

    The link in the first reply contains a link to the blog post which is our official response to the dnsmasq CVE:
    https://www.netgate.com/blog/no-plan-survives-contact-with-the-internet.html

    That link contains information on how to upgrade the dnsmasq version in place on 2.3.4-p1 without needing a full firmware upgrade.

    As for your console, that looks like a faulty cable or connection in some way. Without knowing anything about the hardware or how you are connecting to the console, we can't give you any solid suggestions other than to try a new cable.

    If you purchased that device from Netgate, contact our support team at https://customercare.netgate.com/ and someone can lead you in the right direction for the console access issue.

    For factory reset, it has never been intended to be a complete reset in the way you describe. The only way to accomplish that is with a complete reinstall from an installation disk or other installation media.