DNSpooq - seven new vulnerabilities in dnsmasq

Specialists from JSOF research labs have reported seven new vulnerabilities in the dnsmasq DNS/DHCP server. dnsmasq is very popular and is used by default in many Linux distributions, as well as in network equipment from Cisco, Ubiquiti and others. The DNSpooq vulnerabilities include DNS cache poisoning and remote code execution. The vulnerabilities are fixed in dnsmasq 2.83.

In 2008, the well-known security researcher Dan Kaminsky discovered and disclosed a fundamental flaw in the Internet's DNS mechanism. Kaminsky demonstrated that attackers could spoof domain addresses and steal data. It has since been known as the "Kaminsky Attack".

DNS has been considered an insecure protocol for decades, although it is supposed to guarantee a certain level of integrity. That is why it is still heavily relied upon. At the same time, mechanisms were developed to improve the security of the original DNS protocol. These mechanisms include HTTPS, HSTS, DNSSEC and other initiatives. However, even with all of these mechanisms in use, DNS hijacking is still a dangerous attack in 2021. Much of the Internet still relies on DNS just as it did in 2008, and remains susceptible to such attacks.

DNSpooq cache poisoning vulnerabilities:
CVE-2020-25686, CVE-2020-25684, CVE-2020-25685. These vulnerabilities are similar to the SAD DNS attack recently reported by researchers from the University of California and Tsinghua University. The SAD DNS and DNSpooq vulnerabilities can also be combined to make attacks even easier. Additional attacks with as yet unclear consequences have also been reported by joint university efforts (Poison Over Troubled Forwarders, etc.).
The vulnerabilities work by reducing entropy. Because a weak hash is used to identify DNS requests and requests are matched to responses imprecisely, entropy can be greatly reduced so that only ~19 bits need to be guessed, which makes cache poisoning feasible. The way dnsmasq processes CNAME records allows a chain of CNAME records to be spoofed, effectively poisoning up to 9 DNS records at a time.

Buffer overflow vulnerabilities: CVE-2020-25687, CVE-2020-25683, CVE-2020-25682, CVE-2020-25681. All 4 of these vulnerabilities are in the code that implements DNSSEC and manifest only when DNSSEC validation is enabled in the settings.
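
A triage check built on the two facts above (fixed in 2.83; the overflows are only exposed with DNSSEC validation enabled), added here as an example and not taken from JSOF or the dnsmasq project. The banner and config text are constructed samples and the function names are hypothetical; it assumes an upstream version number, so a distribution package with a backported fix needs its changelog checked instead.

```python
import re

FIXED = (2, 83)  # per the article: fixed in dnsmasq 2.83
CACHE_POISONING = ["CVE-2020-25684", "CVE-2020-25685", "CVE-2020-25686"]
DNSSEC_OVERFLOWS = ["CVE-2020-25681", "CVE-2020-25682",
                    "CVE-2020-25683", "CVE-2020-25687"]

# Constructed sample of `dnsmasq --version` output and of a dnsmasq.conf.
SAMPLE_BANNER = (
    "Dnsmasq version 2.80  Copyright (c) 2000-2018 Simon Kelley\n"
    "Compile time options: IPv6 GNU-getopt DBus DHCP DHCPv6 TFTP DNSSEC inotify\n"
)
SAMPLE_CONF = "port=53\n# validate upstream answers\ndnssec\ncache-size=1000\n"

def parse_version(banner):
    """Extract (major, minor) from the version banner."""
    m = re.search(r"Dnsmasq version (\d+)\.(\d+)", banner)
    if not m:
        raise ValueError("no dnsmasq version banner found")
    return int(m.group(1)), int(m.group(2))

def dnssec_compiled_in(banner):
    """True if the compile-time options list DNSSEC (not no-DNSSEC)."""
    for line in banner.splitlines():
        if line.startswith("Compile time options:"):
            return "DNSSEC" in line.split(":", 1)[1].split()
    return False

def dnssec_validation_enabled(conf_text):
    """True if an uncommented `dnssec` directive is present.
    Limitation: does not follow conf-dir includes or command-line flags."""
    for raw in conf_text.splitlines():
        if raw.split("#", 1)[0].strip() == "dnssec":
            return True
    return False

def triage(banner, conf_text):
    """Return the CVEs named in the article that this instance is exposed to."""
    if parse_version(banner) >= FIXED:
        return []
    exposed = list(CACHE_POISONING)  # affect any pre-2.83 forwarder
    if dnssec_compiled_in(banner) and dnssec_validation_enabled(conf_text):
        exposed += DNSSEC_OVERFLOWS  # only reachable with validation on
    return exposed

if __name__ == "__main__":
    for cve in triage(SAMPLE_BANNER, SAMPLE_CONF):
        print("exposed:", cve)
```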

source: linux.org.ru