ASUS官網 4月16日更新 RT-AC66U/N66U/N16 固件版本 v3.0.0.4.374_5517

白巨斗 · 发表于 2014-4-23 09:29:19

本帖最后由 ada_qian 于 2014-5-12 09:30 编辑

ASUSWRT 4月16日发布FW v3.0.0.4.374_5517啦
支持的路由器有：RT-AC66U，RT-N66U，RT-N16，RT-N12 (REV.D1)， RT-N12HP，RT-N10U

更新內容參见附件

README- ASUSWRT.rar (13.83 KB, 下载次数: 795)

20140414- 3.0.0.4 build 374 extend no 5517

RT-AC66U/ AC66R
Security related issues:
1. Fixed remote command execution vulnerability

2. Fixed cross site scripting vulnerability
3. Fixed parameters buffer overflow vulnerability
4. Fixed XSS(Cross Site Scripting) vulnerability
5. Fixed CSRF(Cross Site Request Forgery) vulnerability
6. Added auto logout function. The timeout time can beconfigured in - Administration--> System
7. Included patches related to network map. Thanks for Merlin'scontribution.
8. Fixed password disclosure in source code whenadministrator logged in.
9. Changed OpenSSL Library from 1.0.0.b to 1.0.0.d. Both OpenSSLversions are not vulnerable to heartbleed bug.

Others:
1. Fixed IPTV related issues.
2. Modified the 3G/LTE dongle setting process in quick internetsetup wizard.
3. Fixed the Cloud sync problem
4. Fixed Parental control check box UI issues.
5. Modified the FTP/ Samba permission setting UI
6. Modified media server setting UI
7.Samba/media server/ iTunes server name can be changed.
8. Dual wan fail over now support fail back
9.Fixed wake on lan magic packet sending issue.
10.Fixed false alarm for samba and ftp permission.
11.Fixed IPv6 related issues.

Specialthanks for David and Palula’s research
CVE-2014-2719 http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html
Remotecommand execution http://seclists.org/fulldisclosure/2014/Apr/58
Reflected XSS: http://seclists.org/fulldisclosure/2014/Apr/59

RT-N66U/N66R/ N66W
Security related issues:
1. Fixed remote command execution vulnerability
2. Fixed cross site scripting vulnerability
3. Fixed parameters buffer overflow vulnerability
4. Fixed XSS(Cross Site Scripting) vulnerability
5. Fixed CSRF(Cross Site Request Forgery) vulnerability
6. Added auto logout function. The timeout time can beconfigured in - Administration--> System
7. Included patches related to network map. Thanks for Merlin'scontribution.
8. Fixed password disclosure in source code whenadministrator logged in.
9. Changed OpenSSL Library from 1.0.0.b to 1.0.0.d. Both OpenSSLversions are not vulnerable to heartbleed bug.

Others:
1. Fixed IPTV related issues.
2. Modified the 3G/LTE dongle setting process in quick internetsetup wizard.
3. Fixed the Cloud sync problem
4. Fixed Parental control check box UI issues.
5. Modified the FTP/ Samba permission setting UI
6. Modified media server setting UI
7.Samba/media server/ iTunes server name can be changed.
8. Dual wan fail over now support fail back
9.Fixed wake on lan magic packet sending issue.
10.Fixed false alarm for samba and ftp permission.
11.Fixed IPv6 related issues.

Specialthanks for David and Palula’s research
CVE-2014-2719 http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html
Remotecommand execution http://seclists.org/fulldisclosure/2014/Apr/58
Reflected XSS: http://seclists.org/fulldisclosure/2014/Apr/59

RT-N16
Security related issues:

1. Fixed remote command execution vulnerability
2. Fixed cross site scripting vulnerability
3. Fixed parameters buffer overflow vulnerability
4. Fixed XSS(Cross Site Scripting) vulnerability
5. Fixed CSRF(Cross Site Request Forgery) vulnerability
6. Added auto logout function. The timeout time can beconfigured in - Administration--> System
7. Included patches related to network map. Thanks for Merlin'scontribution.
8. Fixed password disclosure in source code whenadministrator logged in.
9. Changed OpenSSL Library from 1.0.0.b to 1.0.0.d. Both OpenSSLversions are not vulnerable to heartbleed bug.

Others:
1. Fixed IPTV related issues.
2. Modified the 3G/LTE dongle setting process in quick internetsetup wizard.
3. Fixed the Cloud sync problem
4. Fixed Parental control check box UI issues.
5. Modified the FTP/ Samba permission setting UI
6. Modified media server setting UI
7.Samba/media server/ iTunes server name can be changed.
8. Dual wan fail over now support fail back
9.Fixed wake on lan magic packet sending issue.
10.Fixed false alarm for samba and ftp permission.
11.Fixed IPv6 related issues.

Specialthanks for David and Palula’s research
CVE-2014-2719 http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html
Remotecommand execution http://seclists.org/fulldisclosure/2014/Apr/58
Reflected XSS: http://seclists.org/fulldisclosure/2014/Apr/59

RT-N12HP

Security related issues:
1. Fixed remote command execution vulnerability
2. Fixed parameters buffer overflow vulnerability
3. Fixed XSS(Cross Site Scripting) vulnerability
4. Fixed CSRF(Cross Site Request Forgery) vulnerability
5. Added auto logout function. The timeout time can beconfigured in - Administration--> System
6. Included patches related to network map. Thanks for Merlin'scontribution.
7. Fixed password disclosure in source code whenadministrator logged in.

Others:
1. Fixed IPTV related issues.
2. Fixed Parental control check box UI issues.
3.Fixed wake on lan magic packet sending issue.
4.Fixed IPv6 related issues.

RT-N12D1

Security related issues:
1. Fixed remote command execution vulnerability
2. Fixed parameters buffer overflow vulnerability
3. Fixed XSS(Cross Site Scripting) vulnerability
4. Fixed CSRF(Cross Site Request Forgery) vulnerability
5. Added auto logout function. The timeout time can beconfigured in - Administration--> System
6. Included patches related to network map. Thanks for Merlin'scontribution.
7. Fixed password disclosure in source code whenadministrator logged in.

Others:
1. Fixed IPTV related issues.
2. Fixed Parental control check box UI issues.
3.Fixed wake on lan magic packet sending issue.
4.Fixed IPv6 related issues.

RT-N10U/N10U B1

Security related issues:
1. Fixed remote command execution vulnerability
2. Fixed parameters buffer overflow vulnerability
3. Fixed XSS(Cross Site Scripting) vulnerability
4. Fixed CSRF(Cross Site Request Forgery) vulnerability
5. Added auto logout function. The timeout time can beconfigured in - Administration--> System
6. Included patches related to network map. Thanks for Merlin'scontribution.
7. Fixed password disclosure in source code whenadministrator logged in.

Others:
1. Fixed IPTV related issues.
2. Fixed Parental control check box UI issues.
3.Fixed wake on lan magic packet sending issue.
4.Fixed IPv6 related issues.
5. Modified the FTP permission setting UI

6. Modified the 3G/LTE dongle setting process in quick internetsetup wizard.

微信扫一扫，阅读更方便^_^

		自动登录	找回密码
密码			立即注册

[官方最新] ASUS官網 4月16日更新 RT-AC66U/N66U/N16 固件版本 v3.0.0.4.374_5517

站长推荐 /1

个人中心

[官方最新] ASUS官網 4月16日 更新 RT-AC66U/N66U/N16 固件版本 v3.0.0.4.374_5517

站长推荐 /1

个人中心

[官方最新] ASUS官網 4月16日更新 RT-AC66U/N66U/N16 固件版本 v3.0.0.4.374_5517