You are here

Home » Forums » Development » Possible Bugs

SCS-2017-001

4 posts / 0 new
Log in or register to post comments
Last post
Sun, 03/05/2017 - 14:03
#1
K7DXS
SCS-2017-001
I looked at the release notes for the latest release and became curious about the DoS vuln. What happened when someone decided to upload a file to a page that didn't expect it?
Top
Sun, 03/05/2017 - 14:40
KG6JEI
SCS-2017-001 – High Severity
SCS-2017-001 – High Severity
A remote Denial of Service flaw impacting ALL RELEASES of the AREDN/BBHN branded firmware since at least version 0.4.3. Immediate upgrade to 3.16.1.1 (or newer) is recommended to ensure stability of the mesh nodes.

"Denial-of-service attacks are characterized by an explicit attempt by attackers to prevent legitimate users of a service from using that service. "
https://en.wikipedia.org/wiki/Denial-of-service_attack
Top
Mon, 03/06/2017 - 09:23
(Reply to #2)
K7DXS
Yes, I know that it allows a
Yes, I know that it allows a DoS attack. Not only did I read the release notes, I read the commit message and code. My question was what happened when a file was uploaded where it wasn't expected. Memory full? Infinite loop? Kernel panic?
Top
Mon, 03/06/2017 - 15:08
(Reply to #3)
KG6JEI
Out of Memory
Out of Memory
Top

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer