Three critical vulnerabilities in Exim that allow code execution on the server

The Zero Day Initiative (ZDI) project has disclosed unpatched (zero-day) vulnerabilities (CVE-2023-42115, CVE-2023-42116, CVE-2023-42117) in the Exim mail server. These vulnerabilities allow remote code execution on the server with the privileges of the process that accepts connections on network port 25. No authentication is required for the attack.

The first vulnerability (CVE-2023-42115) is caused by an error in the SMTP service and stems from the lack of proper validation of data that is received from the user during an SMTP session and used to calculate the size of a buffer. As a result, an attacker can craft their data so that it is written to a memory area beyond the bounds of the allocated buffer.

The second vulnerability (CVE-2023-42116) is present in the NTLM request handler and is caused by copying data received from the user into a fixed-size buffer without checking the size of the data being written.

The third vulnerability (CVE-2023-42117) is present in the smtp process, which accepts connections on TCP port 25, and is caused by the lack of input validation, which can result in user-supplied data being written to a memory area outside the allocated buffer.

The vulnerabilities are marked as zero-day, meaning they have not yet been fixed, but the ZDI report states that the Exim developers were notified of the problems in advance. The last change to the Exim codebase was made two days ago, and it is not clear when the problems will be fixed (distribution vendors have not yet responded, since the information was disclosed without details a few hours ago). The Exim developers are currently preparing to release a new version, 4.97, but no exact release date has been given. Restricting access to the Exim-based SMTP service is cited as the only mitigation available at present.

In addition to the critical vulnerabilities mentioned above, information has also been disclosed about several less dangerous problems:

  • CVE-2023-42118 is an integer overflow in the libspf2 library that occurs when parsing SPF macros. The vulnerability allows remote memory corruption and can potentially be used to execute arbitrary code on the server.
  • CVE-2023-42114 is an out-of-bounds read in the NTLM handler. The vulnerability can lead to a leak of memory contents from the process that handles network requests.
  • CVE-2023-42119 is a flaw in the dnsdb handler that leads to a leak of memory contents in the smtp process.

Source: opennet.ru
