Text only | Text with Images

OPNsense Forum

English Forums => General Discussion => Topic started by: DEC670airp414user on May 13, 2024, 12:25:39 PM

Title: kea in opnsense and the tunnelvision vulnerability
Post by: DEC670airp414user on May 13, 2024, 12:25:39 PM
in reading https://kea.readthedocs.io/en/latest/arm/dhcp4-srv.html 

classless-static-route 121 internal false false

does that mean out of box Kea is not vulnerable to the latest vulnerability?
Title: Re: kea in opnsense and the tunnelvision vulnerability
Post by: Patrick M. Hausen on May 13, 2024, 12:37:46 PM
This is not a vulnerability in any particular piece of DHCP server software. The attack is carried out by placing a rogue DHCP server directly on your LAN infrastructure.
Text only | Text with Images