AndyL, welcome in the forum!
There is a brand new post in German language on this subject viewtopic.php?p=266013
The summary is: yes, IPCop is vulnerable, a fix will follow. However packets on the RED interface will be dropped anyway, so any hacker must reside on the "friendly" side of the firewall. As an interim solution, add a firewall rule to block any tcp/53 from GREEN and BLUE. To achieve that, edit file /var/ipcop/dhcp/dnsmasq.local
, and add the following line:
Following that, restart DNSMasq by the command /etc/rc.d/rc.dnsmasq restart