Important security update for the RUT9XX series
(KRACK Attack, dnsmasq vulnerability)
Even if the flood of news about the security vulnerability after October 18. If it dried up again very quickly, our technicians remain busy with the topic of KRACK Attack and are in regular contact with the manufacturers of our distributions / brands.
On Friday (October 27th, 2017) the long-awaited patch for the RUT9XX series from Teltonika was released. In addition to the KRACK-Attack vulnerability, the update also fixes a vulnerability in the dnsmasq.
What is dnsmasq
Dnsmasq is a simple, free DNS and DHCP server for small networks. The names from the local network according to the file “/ etc / hosts” dissolved. Unknown name requests are forwarded and stored in the cache. Dnsmasq is part of many Linux distributions.
There is also more information at dnsmasq project or on the website of the Federal Office for Security .
A vulnerability ( CVE-2017-14491 ) in dnsmasq enables a remote, unauthenticated attacker to execute any program code and thus to take control of the system. Two other vulnerabilities make such attacks possible for an unauthenticated attacker in the neighboring network.
A remote, unauthenticated attacker can spy on information and carry out denial-of-service attacks (DoS attacks) via three further vulnerabilities.
This applies to all dnsmasq versions older than 2.78, an update to version 2.78 is strongly recommended, as the probability of exploiting the vulnerabilities is rated ‘high’.
With the Teltonika update, this vulnerability is now also eliminated.
Easy update via the software
The update process can be started very easily via the admin interface of the RUT9XX device. On page 150 of the manual (see below) you will find all information and screens for the user interface. When updating, please note the information in the manual: During the update process, you must neither remove the power plug nor press the reset button. Both of these can mean that the device can no longer be used.
Learn more about the threatening security vulnerability in the WPA2 encryption protocol here in our blog from October 18th, 2017 .