Privilege escalation in OpenBSD and authentication bypass in smtpd, ldapd and radiusd

Qualys has disclosed four vulnerabilities in OpenBSD, one of which allows a remote, unauthenticated connection to certain network services, while the other three allow privilege escalation on the system. The Qualys report notes the rapid response of the OpenBSD developers: all of the problems were fixed in OpenBSD 6.5 and OpenBSD 6.6 within 40 hours of the private notification.

The remotely exploitable vulnerability comes down to an error in how the authentication handler in the libc library invokes the program /usr/libexec/auth/login_style, passing its arguments on the command line. Among other things, when login_style is invoked, the optional parameter "-s service" allows a protocol name to be passed. If a username begins with the character "-", that name is treated as an option when login_style is run. Consequently, if "-schallenge" or "-schallenge:passwd" is supplied as the username during authentication, login_style interprets the request as a request to use the S/Key handler.

The problem is that the S/Key protocol is only nominally supported in login_style; in practice it is ignored and a success indicator is returned. An attacker can therefore pose as the user "-schallenge", bypass authentication and gain access without supplying a password or keys. All network services that use the standard libc calls for authentication are potentially affected. For example, the authentication bypass has been confirmed in smtpd (AUTH PLAIN), ldapd and radiusd.

The vulnerability does not manifest in sshd, which has an additional check that the user actually exists on the system. Nevertheless, sshd can be used to test whether a system is affected: when the username "-sresponse:passwd" is supplied, the connection hangs, because sshd waits for login_passwd to return the challenge parameter while login_passwd waits for an empty parameter to be sent (the name "-sresponse" is taken as an option). A local attacker could try to bypass authentication in the su utility, but passing the name "-sresponse" makes the process crash because getpwnam_r("-schallenge", ...) returns a null pointer.
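As an added illustration (not OpenBSD's or Qualys's code), the C below mirrors the argument shape `login_style [-s service] user` with a hand-written stand-in for the helper's option loop: it shows how a username such as "-schallenge" is consumed as the -s option so that no positional user remains, how "--" would keep it positional, and a defender-side check that refuses names beginning with "-" before they reach a helper's command line. The helper name, the option grammar and the sample usernames are assumptions for the example.

```c
/* Added illustration, not OpenBSD's or Qualys's code. An auth helper run as
 *   login_style [-s service] user
 * parses its command line before it sees the username, so a name beginning
 * with '-' is consumed as an option. Helper name and grammar are assumed. */
#include <string.h>

struct auth_req {
    const char *service;   /* value of -s; "login" if none was given */
    const char *user;      /* positional username, or NULL if none survived */
};

/* Stand-in for a getopt("s:") loop: handles "-schallenge" and "-s challenge";
 * "--" ends option processing, as in getopt(3). */
static struct auth_req parse_helper_args(int argc, char **argv)
{
    struct auth_req r = { "login", NULL };
    int i = 1;
    while (i < argc && argv[i][0] == '-' && argv[i][1] != '\0') {
        const char *a = argv[i];
        if (strcmp(a, "--") == 0) { i++; break; }
        if (a[1] == 's') {
            if (a[2] != '\0')
                r.service = a + 2;            /* "-schallenge" -> "challenge" */
            else if (i + 1 < argc)
                r.service = argv[++i];        /* "-s challenge" */
        }
        i++;                                  /* other options: skipped here */
    }
    if (i < argc)
        r.user = argv[i];
    return r;
}

/* Parse up to three constructed arguments (NULL = absent). */
static struct auth_req parse3(const char *a, const char *b, const char *c)
{
    char *argv[5] = { "login_passwd", (char *)a, (char *)b, (char *)c, NULL };
    int argc = 1;
    while (argc < 4 && argv[argc] != NULL) argc++;
    return parse_helper_args(argc, argv);
}

/* Defender-side check for whatever builds the helper's argv: refuse a name
 * that an option parser could misread. Returns 1 if safe, 0 to reject. */
static int username_is_safe(const char *name)
{
    return name != NULL && name[0] != '\0' && name[0] != '-';
}
```

With "-schallenge" as the only argument, parse3 reports service "challenge" and no user at all, which is the confusion the article describes; username_is_safe rejects that name before it is ever placed on a command line.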

Other vulnerabilities:

  • CVE-2019-19520: local privilege escalation via the xlock utility, which ships with the sgid flag that changes the group to "auth". The xlock code forbids overriding the library search paths only when the user identifier is changed (setuid), which lets an attacker modify the "LIBGL_DRIVERS_PATH" environment variable and arrange for their own shared library to be loaded, whose code is then executed after privileges have been raised to the "auth" group.
  • CVE-2019-19522: allows a local user who is a member of the "auth" group to execute code as root when S/Key or YubiKey authentication is enabled on the system (neither is active by default). Membership in the "auth" group, which can be obtained by exploiting the xlock vulnerability mentioned above, allows writing files into the /etc/skey and /var/db/yubikey directories. For example, an attacker could add a new file /etc/skey/root to generate one-time keys for authenticating as root via S/Key.
  • CVE-2019-19519: a way to raise resource limits via the su utility. When the "-L" option is given, which makes su retry authentication in a loop after a failure, the user class is set only once and is not reset on subsequent attempts. An attacker can run "su -l -L", supplying on the first attempt someone else's login with a different account class, and on the second attempt authenticate successfully as themselves. The user then ends up subject to the limits tied to the user class specified on the first attempt (for example the maximum number of processes or the memory size per process). The method only works for borrowing the limits of unprivileged users, since the root user requires membership in the wheel group.

Additionally, OpenBSD has implemented a new method for verifying the legitimacy of system calls that makes exploiting vulnerabilities harder. The method allows a system call to be executed only when it is invoked from a previously registered memory region. A new system call, msyscall(), is proposed for marking such memory regions.

Source: opennet.ru