DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

MisFortune Cookie

  • tacitus
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
22 Dec 2014 08:38 #82161 by tacitus
MisFortune Cookie was created by tacitus
Not solely Draytek related, but just a heads up in case anyone might be affected:

http://www.pcworld.com/article/2861713/dangerous-misfortune-cookie-flaw-discovered-in-12-million-home-routers.html

More information here: http://www.checkpoint.com/blog/fortune-cookie-hole-internet-gateway/

A list of those tested so far and suspected to be vulnerable is here: http://mis.fortunecook.ie/misfortune-cookie-suspected-vulnerable.pdf

I notice there aren't any Draytek models on the list, so could someone confirm that Draytek do not use RomPager in any of their models - SOHO or Business - and they are not vulnerable to this particular attack?

Please Log in or Create an account to join the conversation.

More
22 Dec 2014 17:51 #82167 by admin
Replied by admin on topic Re: MisFortune Cookie
DrayTek do not use the vulnerable code and have no exposure to misfortune cookie.

http://www.draytek.co.uk/support/guides/kb-security-advisory-misfortune-cookie-vulnerability

Forum Administrator

Please Log in or Create an account to join the conversation.

  • tacitus
  • Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
23 Dec 2014 07:57 #82174 by tacitus
Replied by tacitus on topic Re: MisFortune Cookie

admin wrote: DrayTek do not use the vulnerable code and have no exposure to misfortune cookie.


Thanks for this - I was hoping that would be the case :)

Please Log in or Create an account to join the conversation.

Moderators: Sami