Author Topic: Wi-Fi Inspector Port 53  (Read 2112 times)

0 Members and 1 Guest are viewing this topic.

Offline cindygo_ex

  • Newbie
  • *
  • Posts: 1
Wi-Fi Inspector Port 53
« on: June 30, 2018, 02:52:54 PM »
Hi - The Wi-Fi Inspector shows DNS: Device is vulnerable to attacks Port 53. I have logged into the router and disabled port 53 and rebooted my computer, reran scan but this showed up again. I logged back into router and deleted the port rebooted computer but still this port is detected by the Wi-Fi Inspector. The details says We have identified the following problem with your router or Wi-Fi hotspot device: DnsMasq heap buffer overflow vulnerability. Recommendation: The issue was fixed in DnsMasq software version 2.78, released in October 2017. To solve the vulnerability on your device, apply the firmware or system update that contains DnsMasq software version 2.78 or higher provided by your device's manufacturer.

I contacted my internet provided and they say the router firmware is current.

How do I get rid of this message?

Thanks for any help on this, Cindy

Offline bob3160

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 48019
  • 63 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Wi-Fi Inspector Port 53
« Reply #1 on: June 30, 2018, 11:06:32 PM »
Have you checked to see what version of the firmware your router is running ???
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 22.12, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline merckxist

  • Jr. Member
  • **
  • Posts: 76
Re: Wi-Fi Inspector Port 53
« Reply #2 on: July 01, 2018, 08:42:54 PM »
@cindygo_ex, re:

Have you checked to see what version of the firmware your router is running ???

From https://forum.avast.com/index.php?topic=215664.0 reply #14
Quote
You should test your router manually with the following command in cmd:
nslookup -type=txt -class=chaos version.bind ROUTER_IP

For example:
c:\>nslookup -type=txt -class=chaos version.bind 192.168.0.1
Server:  router
Address:  192.168.0.1
 
version.bind    text =
 
        "dnsmasq-2.45"

All versions prior to 2.78 are vulnerable.
There is a lengthy discussion in that topic about dnsmasq, isp provided routers and so on. Some posters have been told by their isp that the vulnerability has been fixed even if the dnsmasq version is older than v2.78. If so, I guess you have to take them at their word or ask about using a customer provided router that you can verify has a patched version of dnsmasq.

[edit]
Quote
How do I get rid of this message?
For now, the only sure way seems to be to use a router that has a patched version of dnsmasq. No one from Avast has identified an "exclusion" process for WiFi Inspector to ignore this vulnerability.
« Last Edit: July 01, 2018, 08:59:06 PM by merckxist »

Offline bob3160

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 48019
  • 63 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re: Wi-Fi Inspector Port 53
« Reply #3 on: July 03, 2018, 03:42:14 PM »
@cindygo_ex, re:

Have you checked to see what version of the firmware your router is running ???

From https://forum.avast.com/index.php?topic=215664.0 reply #14
Quote
You should test your router manually with the following command in cmd:
nslookup -type=txt -class=chaos version.bind ROUTER_IP

For example:
c:\>nslookup -type=txt -class=chaos version.bind 192.168.0.1
Server:  router
Address:  192.168.0.1
 
version.bind    text =
 
        "dnsmasq-2.45"

All versions prior to 2.78 are vulnerable.
There is a lengthy discussion in that topic about dnsmasq, isp provided routers and so on. Some posters have been told by their isp that the vulnerability has been fixed even if the dnsmasq version is older than v2.78. If so, I guess you have to take them at their word or ask about using a customer provided router that you can verify has a patched version of dnsmasq.

[edit]
Quote
How do I get rid of this message?
For now, the only sure way seems to be to use a router that has a patched version of dnsmasq. No one from Avast has identified an "exclusion" process for WiFi Inspector to ignore this vulnerability.
IMHO, there shouldn't be an exclusion for this or any other actual vulnerability reported by Avast. It's Avast's job to inform and protect.
Since, in this case, all Avast can do is inform, it's up to you to correct and fix the vulnerability.
Till that's done, the vulnerability is still present. You can always ignore it. Avast should not exclude it.
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 22.12, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet