Cov kws tshaj lij los ntawm JSOF cov chaw tshawb fawb tau tshaj tawm xya qhov tsis zoo tshiab hauv DNS / DHCP server dnsmasq. dnsmasq neeg rau zaub mov yog nrov heev thiab yog siv los ntawm lub neej ntawd nyob rau hauv ntau Linux distributions, nrog rau cov khoom siv network los ntawm Cisco, Ubiquiti thiab lwm yam. Dnspooq vulnerabilities muaj xws li DNS cache lom nrog rau cov chaw taws teeb tswj. Qhov tsis zoo tau raug kho hauv dnsmasq 2.83.
Hauv xyoo 2008, tus kws tshawb fawb txog kev ruaj ntseg Dan Kaminsky tau tshawb pom thiab nthuav tawm qhov tsis txaus ntseeg hauv Is Taws Nem DNS mechanism. Kaminsky tau ua pov thawj tias cov neeg tawm tsam tuaj yeem dag cov chaw nyob thiab nyiag cov ntaub ntawv. Qhov no tau dhau los ua lub npe hu ua "Kaminsky Attack".
DNS tau raug suav hais tias yog cov txheej txheem tsis ruaj ntseg rau ntau xyoo, txawm hais tias nws yuav tsum tau lees paub qee theem ntawm kev ncaj ncees. Nws yog vim li no tias nws tseem muaj kev cia siab ntau rau. Tib lub sijhawm, cov txheej txheem tau tsim los txhim kho kev ruaj ntseg ntawm tus thawj DNS raws tu qauv. Cov txheej txheem no suav nrog HTTPS, HSTS, DNSSEC thiab lwm yam kev pib. Txawm li cas los xij, txawm tias tag nrho cov txheej txheem no nyob rau hauv qhov chaw, DNS hijacking tseem yog qhov txaus ntshai nres hauv 2021. Feem ntau ntawm Is Taws Nem tseem tso siab rau DNS tib yam uas nws tau ua hauv xyoo 2008, thiab muaj kev cuam tshuam rau tib hom kev tawm tsam.
DNSpooq cache lom vulnerabilities:
CVE-2020-25686, CVE-2020-25684, CVE-2020-25685. Cov kev tsis zoo no zoo ib yam li SAD DNS tawm tsam tsis ntev los no tau tshaj tawm los ntawm cov kws tshawb fawb los ntawm University of California thiab Tsinghua University. SAD DNS thiab DNSpooq vulnerabilities kuj tuaj yeem ua ke los ua kev tawm tsam txawm yooj yim dua. Kev tawm tsam ntxiv nrog qhov tshwm sim tsis meej kuj tau tshaj tawm los ntawm kev sib koom tes ntawm cov tsev kawm qib siab (Poison Over Troubled Forwarders, thiab lwm yam).
Vulnerabilities ua haujlwm los ntawm kev txo cov entropy. Vim yog siv cov hash tsis muaj zog los txheeb xyuas qhov kev thov DNS thiab qhov tsis sib xws ntawm qhov kev thov rau cov lus teb, entropy tuaj yeem txo qis heev thiab tsuas yog ~ 19 cov khoom yuav tsum tau twv, ua rau cache lom tau. Txoj kev dnsmasq txheej txheem CNAME cov ntaub ntawv tso cai rau nws mus spoof ib tug saw ntawm CNAME cov ntaub ntawv thiab zoo tshuaj lom mus txog 9 DNS cov ntaub ntawv ib zaug.
Tsis pub dhau qhov tsis zoo: CVE-2020-25687, CVE-2020-25683, CVE-2020-25682, CVE-2020-25681. Tag nrho 4 qhov tsis zoo uas tau sau tseg yog tam sim no nyob rau hauv cov cai nrog DNSSEC kev siv thiab tshwm sim tsuas yog thaum kuaj xyuas ntawm DNSSEC tau qhib hauv qhov chaw.
Tau qhov twg los: linux.org.ru ua