ASA-2019-00619 – MikroTik RouterOS: Improper DNS Response Handling

Posted on by Allele Security Intelligence in Alerts

Allele Security Alert

ASA-2019-00619

Identifier(s)

ASA-2019-00619, CVE-2019-3979, TRA-2019-46

Title

Improper DNS Response Handling

Vendor(s)

MikroTik

Product(s)

MikroTik RouterOS

Affected version(s)

MikroTik RouterOS Stable versions before 6.45.7
MikroTik RouterOS Long-term versions before 6.44.6

Fixed version(s)

MikroTik RouterOS Stable version 6.45.7
MikroTik RouterOS Long-term version 6.44.6

Proof of concept

Unknown

Description

RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated data attack. The router adds all A records to its DNS cache even when the records are unrelated to the domain that was queried. Therefore, a remote attacker controlled DNS server can poison the router’s DNS cache via malicious responses with additional and untrue records.

Technical details

Unknown

Credits

Jacob Baines (Tenable Research)

Reference(s)

MikroTik RouterOS Multiple Vulnerabilities
https://www.tenable.com/security/research/tra-2019-46

RouterOS: Chain to Root
https://medium.com/tenable-techblog/routeros-chain-to-root-f4e0b07c0b21

MikroTik Routers and Wireless – Software
https://mikrotik.com/download/changelogs

CVE-2019-3979
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3979

CVE-2019-3979
https://nvd.nist.gov/vuln/detail/CVE-2019-3979

If there is any error in this alert or you wish a comprehensive analysis, let us know.

Last modified: October 29, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.