Three critical vulnerabilities in Exim that allow code execution on the server

The Zero Day Initiative (ZDI) project has published information about unpatched (0-day) vulnerabilities (CVE-2023-42115, CVE-2023-42116, CVE-2023-42117) in the Exim mail server that allow code to be executed remotely on the server with the privileges of the process that accepts connections on network port 25. No authentication is required to carry out the attack.

The first vulnerability (CVE-2023-42115) is caused by an error in the smtp service and stems from the lack of proper checks on data that is received from the user during an SMTP session and used to calculate the buffer size. As a result, an attacker can achieve a controlled write of their own data to a memory area beyond the boundary of the allocated buffer.

The second vulnerability (CVE-2023-42116) is present in the NTLM request handler and is caused by copying data received from the user into a fixed-size buffer without the necessary checks on the size of the data being written.

The third vulnerability (CVE-2023-42117) is present in the smtp process that accepts connections on TCP port 25 and is caused by a lack of input validation, which can result in user-supplied data being written to a memory area outside the allocated buffer.

The vulnerabilities are marked as 0-day, i.e. they remain unfixed, but the ZDI report states that the Exim developers were notified of the problems in advance. The last change to the Exim codebase was made two days ago, and it is not yet clear when the problems will be fixed (vendors have not yet had time to react, since the information was published without details a few hours ago). The Exim developers are currently preparing to release a new version, 4.97, but there is no precise information about when it will be published. The only protection method mentioned so far is to restrict access to the Exim-based SMTP service.

In addition to the vulnerabilities mentioned above, information has also been published about several less dangerous problems:

  • CVE-2023-42118 is an integer overflow in the libspf2 library when parsing SPF macros. The vulnerability allows memory contents to be corrupted remotely and could potentially be used to achieve code execution on the server.
  • CVE-2023-42114 is an out-of-bounds read in the NTLM handler. The problem can lead to a leak of the memory contents of the process that serves network requests.
  • CVE-2023-42119 is a vulnerability in the dnsdb handler that leads to a leak of memory contents in the smtp process.
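
The two NTLM handler issues above (the unchecked copy into a fixed-size buffer in CVE-2023-42116 and the out-of-bounds read in CVE-2023-42114) belong to bug classes that a bounds-checked field extractor rules out. The sketch below is an added example, not Exim's code and not taken from the ZDI reports; it assumes the standard NTLM security-buffer descriptor layout (Len, MaxLen, Offset, little-endian), and the function names, error codes and sample message are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

enum { NTLM_OK = 0, NTLM_TRUNCATED = -1, NTLM_OUT_OF_MSG = -2, NTLM_TOO_BIG = -3 };

/* Copy one NTLM "security buffer" field (Len:2, MaxLen:2, Offset:4, little-endian)
 * out of an untrusted message into a fixed-size destination. Hypothetical helper. */
static int ntlm_copy_field(const uint8_t *msg, size_t msg_len, size_t desc_off,
                           uint8_t *dst, size_t dst_cap, size_t *out_len)
{
    /* The 8-byte descriptor itself must lie inside the message. */
    if (msg_len < 8 || desc_off > msg_len - 8)
        return NTLM_TRUNCATED;
    const uint8_t *d = msg + desc_off;
    size_t len = (size_t)d[0] | ((size_t)d[1] << 8);
    uint32_t off = (uint32_t)d[4] | ((uint32_t)d[5] << 8) |
                   ((uint32_t)d[6] << 16) | ((uint32_t)d[7] << 24);

    /* Source range check, written so it cannot wrap around (guards the read). */
    if (off > msg_len || len > msg_len - off)
        return NTLM_OUT_OF_MSG;
    /* Destination capacity check before the copy (guards the write). */
    if (len > dst_cap)
        return NTLM_TOO_BIG;

    memcpy(dst, msg + off, len);
    *out_len = len;
    return NTLM_OK;
}

/* Constructed 24-byte sample: signature, type, one descriptor at offset 12,
 * payload "ABCD" at offset 20. len/off overwrite the descriptor fields. */
static int demo(uint16_t len, uint32_t off, size_t cap)
{
    uint8_t msg[24] = { 'N','T','L','M','S','S','P',0, 3,0,0,0,
                        0,0,0,0, 0,0,0,0, 'A','B','C','D' };
    uint8_t dst[16];
    size_t n = 0;
    msg[12] = (uint8_t)len;  msg[13] = (uint8_t)(len >> 8);
    msg[16] = (uint8_t)off;  msg[17] = (uint8_t)(off >> 8);
    msg[18] = (uint8_t)(off >> 16);  msg[19] = (uint8_t)(off >> 24);
    if (cap > sizeof dst) cap = sizeof dst;
    int rc = ntlm_copy_field(msg, sizeof msg, 12, dst, cap, &n);
    return rc == NTLM_OK ? (int)n : rc;   /* bytes copied, or a negative error */
}

int main(void) { return demo(4, 20, 16) == 4 ? 0 : 1; }
```

Both checks are needed: the source check alone still permits a write past a small destination, and the destination check alone still permits a read past the end of the message.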

Source: opennet.ru
