ProHoster > ื‘ืœื•ื’ > ื—ื“ืฉื•ืช ื‘ืื™ื ื˜ืจื ื˜ > ื ืงื•ื“ื•ืช ืชื•ืจืคื” ื‘-APC Smart-UPS ื”ืžืืคืฉืจื•ืช ืฉืœื™ื˜ื” ืžืจื—ื•ืง ื‘ืžื›ืฉื™ืจ

ื ืงื•ื“ื•ืช ืชื•ืจืคื” ื‘-APC Smart-UPS ื”ืžืืคืฉืจื•ืช ืฉืœื™ื˜ื” ืžืจื—ื•ืง ื‘ืžื›ืฉื™ืจ

ื—ื•ืงืจื™ ืื‘ื˜ื—ื” ืฉืœ ืืจืžื™ืก ื—ืฉืคื• ืฉืœื•ืฉ ื ืงื•ื“ื•ืช ืชื•ืจืคื” ื‘ืืกืคืงืช ืืœ-ืคืกืง ื”ืžื ื•ื”ืœืช ืฉืœ APC ื”ืžืืคืฉืจื•ืช ืฉืœื™ื˜ื” ืžืจื—ื•ืง ื•ืชืคืขื•ืœ ื‘ืžื›ืฉื™ืจ, ื›ื’ื•ืŸ ื›ื™ื‘ื•ื™ ื—ืฉืžืœ ืœื™ืฆื™ืื•ืช ืžืกื•ื™ืžื•ืช ืื• ืฉื™ืžื•ืฉ ื‘ื• ื›ืงืจืฉ ืงืคื™ืฆื” ืœื”ืชืงืคื•ืช ืขืœ ืžืขืจื›ื•ืช ืื—ืจื•ืช. ื”ืคื’ื™ืขื•ื™ื•ืช ื ืงืจืื•ืช TLStorm ื•ืžืฉืคื™ืขื•ืช ืขืœ APC Smart-UPS (ืกื“ืจื•ืช SCL, SMX, SRT) ื•-SmartConnect (ืกื“ืจื•ืช SMT, SMTL, SCL ื•-SMX).

ืฉืชื™ ื ืงื•ื“ื•ืช ืชื•ืจืคื” ื ื’ืจืžื•ืช ื›ืชื•ืฆืื” ืžืฉื’ื™ืื•ืช ื‘ื™ื™ืฉื•ื ืคืจื•ื˜ื•ืงื•ืœ TLS ื‘ืžื›ืฉื™ืจื™ื ื”ืžื ื•ื”ืœื™ื ื‘ืืžืฆืขื•ืช ืฉื™ืจื•ืช ืขื ืŸ ืžืจื›ื–ื™ ืฉืœ ืฉื ื™ื™ื“ืจ ืืœืงื˜ืจื™ืง. ื”ืชืงื ื™ื ืžืกื“ืจืช SmartConnect ืžืชื—ื‘ืจื™ื ืื•ื˜ื•ืžื˜ื™ืช ืœืฉื™ืจื•ืช ืขื ืŸ ืžืจื›ื–ื™ ืขื ื”ืคืขืœื” ืื• ืื•ื‘ื“ืŸ ื—ื™ื‘ื•ืจ, ื•ืชื•ืงืฃ ืœืœื ืื™ืžื•ืช ื™ื›ื•ืœ ืœื ืฆืœ ื ืงื•ื“ื•ืช ืชื•ืจืคื” ื•ืœื”ืฉื™ื’ ืฉืœื™ื˜ื” ืžืœืื” ืขืœ ื”ืžื›ืฉื™ืจ ืขืœ ื™ื“ื™ ืฉืœื™ื—ืช ืžื ื•ืช ืฉืชื•ื›ื ื ื• ื‘ืžื™ื•ื—ื“ ืœ-UPS.

  • CVE-2022-22805 - ื’ืœื™ืฉืช ืžืื’ืจ ื‘ืงื•ื“ ื”ืจื›ื‘ื” ืžื—ื“ืฉ ืฉืœ ืžื ื•ืช ืžื ื•ืฆืœ ื‘ื–ืžืŸ ืขื™ื‘ื•ื“ ื—ื™ื‘ื•ืจื™ื ื ื›ื ืกื™ื. ื”ื‘ืขื™ื” ื ื’ืจืžืช ืžื”ืขืชืงืช ื ืชื•ื ื™ื ืœืžืื’ืจ ื‘ื–ืžืŸ ืขื™ื‘ื•ื“ ืจืฉื•ืžื•ืช TLS ืžืงื•ื˜ืขื•ืช. ื ื™ืฆื•ืœ ื”ืคื’ื™ืขื•ืช ืžืงืœ ืขืœ ื™ื“ื™ ื˜ื™ืคื•ืœ ืฉื’ื•ื™ ื‘ืฉื’ื™ืื•ืช ื‘ืขืช ืฉื™ืžื•ืฉ ื‘ืกืคืจื™ื™ืช Mocana nanoSSL - ืœืื—ืจ ื”ื—ื–ืจืช ืฉื’ื™ืื”, ื”ื—ื™ื‘ื•ืจ ืœื ื ืกื’ืจ.
  • CVE-2022-22806 - ืžืขืงืฃ ืื™ืžื•ืช ื‘ืขืช ื”ืงืžืช ื”ืคืขืœืช TLS ื”ื ื’ืจืžืช ืžืฉื’ื™ืืช ืžืฆื‘ ื‘ืžื”ืœืš ืžืฉื ื•ืžืชืŸ ืขืœ ื—ื™ื‘ื•ืจ. ืฉืžื™ืจื” ื‘ืžื˜ืžื•ืŸ ืฉืœ ืžืคืชื— TLS null ืœื ืžืื•ืชื—ืœ ื•ื”ืชืขืœืžื•ืช ืžืงื•ื“ ื”ืฉื’ื™ืื” ืฉื”ื•ื—ื–ืจ ืขืœ ื™ื“ื™ ืกืคืจื™ื™ืช Mocana nanoSSL ื›ืืฉืจ ื”ืชืงื‘ืœื” ื—ื‘ื™ืœื” ืขื ืžืคืชื— ืจื™ืง ืืคืฉืจื• ืœื”ืชื—ื–ื•ืช ืœืฉืจืช ืฉืœ ืฉื ื™ื™ื“ืจ ืืœืงื˜ืจื™ืง ืžื‘ืœื™ ืœืขื‘ื•ืจ ืืช ืฉืœื‘ ื”ื—ืœืคืช ื”ืžืคืชื—ื•ืช ื•ื”ืื™ืžื•ืช.
    ื ืงื•ื“ื•ืช ืชื•ืจืคื” ื‘-APC Smart-UPS ื”ืžืืคืฉืจื•ืช ืฉืœื™ื˜ื” ืžืจื—ื•ืง ื‘ืžื›ืฉื™ืจ

ื”ืคื’ื™ืขื•ืช ื”ืฉืœื™ืฉื™ืช (CVE-2022-0715) ืงืฉื•ืจื” ืœื™ื™ืฉื•ื ืฉื’ื•ื™ ืฉืœ ื‘ื“ื™ืงืช ืงื•ืฉื—ื” ืฉื”ื•ืจื“ื• ืœืขื“ื›ื•ืŸ ื•ืžืืคืฉืจืช ืœืชื•ืงืฃ ืœื”ืชืงื™ืŸ ืงื•ืฉื—ื” ืฉื•ื ื” ืžื‘ืœื™ ืœืืžืช ืืช ื”ื—ืชื™ืžื” ื”ื“ื™ื’ื™ื˜ืœื™ืช (ื”ืชื‘ืจืจ ืฉื”ืงื•ืฉื—ื” ื›ืœืœ ืœื ื‘ื•ื“ืงืช ืืช ื”ื—ืชื™ืžื” ื”ื“ื™ื’ื™ื˜ืœื™ืช , ืื‘ืœ ืžืฉืชืžืฉ ืจืง ื‘ื”ืฆืคื ื” ืกื™ืžื˜ืจื™ืช ืขื ืžืคืชื— ืฉื”ื•ื’ื“ืจ ืžืจืืฉ ื‘ืงื•ืฉื—ื”).

ื‘ืฉื™ืœื•ื‘ ืขื ื”ืคื’ื™ืขื•ืช CVE-2022-22805, ืชื•ืงืฃ ื™ื›ื•ืœ ืœื”ื—ืœื™ืฃ ืืช ื”ืงื•ืฉื—ื” ืžืจื—ื•ืง ืขืœ ื™ื“ื™ ื”ืชื—ื–ื•ืช ืœืฉื™ืจื•ืช ืขื ืŸ ืฉืœ ืฉื ื™ื™ื“ืจ ืืœืงื˜ืจื™ืง ืื• ืขืœ ื™ื“ื™ ื™ื™ื–ื•ื ืขื“ื›ื•ืŸ ืžืจืฉืช ืžืงื•ืžื™ืช. ืœืื—ืจ ืฉื”ืฉื™ื’ ื’ื™ืฉื” ืœ-UPS, ืชื•ืงืฃ ื™ื›ื•ืœ ืœื”ืฆื™ื‘ ื“ืœืช ืื—ื•ืจื™ืช ืื• ืงื•ื“ ื–ื“ื•ื ื™ ื‘ืžื›ืฉื™ืจ, ื›ืžื• ื’ื ืœื‘ืฆืข ื—ื‘ืœื” ื•ืœื›ื‘ื•ืช ืืช ื”ื—ืฉืžืœ ืœืฆืจื›ื ื™ื ื—ืฉื•ื‘ื™ื, ืœืžืฉืœ, ืœื›ื‘ื•ืช ืืช ื”ื—ืฉืžืœ ืœืžืขืจื›ื•ืช ืžืขืงื‘ ื•ื™ื“ืื• ื‘ื‘ื ืงื™ื ืื• ืœืชืžื™ื›ื” ื‘ื—ื™ื™ื. ืžื›ืฉื™ืจื™ื ื‘ื‘ืชื™ ื—ื•ืœื™ื.

ื ืงื•ื“ื•ืช ืชื•ืจืคื” ื‘-APC Smart-UPS ื”ืžืืคืฉืจื•ืช ืฉืœื™ื˜ื” ืžืจื—ื•ืง ื‘ืžื›ืฉื™ืจ

ืฉื ื™ื™ื“ืจ ืืœืงื˜ืจื™ืง ื”ื›ื™ื ื” ืชื™ืงื•ื ื™ื ืœืชื™ืงื•ืŸ ื‘ืขื™ื•ืช, ื•ื’ื ืžื›ื™ื ื” ืขื“ื›ื•ืŸ ืงื•ืฉื—ื”. ื›ื“ื™ ืœื”ืคื—ื™ืช ืืช ื”ืกื™ื›ื•ืŸ ืœืคืฉืจื”, ืžื•ืžืœืฅ ื‘ื ื•ืกืฃ ืœืฉื ื•ืช ืืช ืกื™ืกืžืช ื‘ืจื™ืจืช ื”ืžื—ื“ืœ ("apc") ื‘ืžื›ืฉื™ืจื™ื ืขื ื›ืจื˜ื™ืก NMC (ื›ืจื˜ื™ืก ื ื™ื”ื•ืœ ืจืฉืช) ื•ืœื”ืชืงื™ืŸ ืชืขื•ื“ืช SSL ื—ืชื•ืžื” ื“ื™ื’ื™ื˜ืœื™ืช, ื•ื›ืŸ ืœื”ื’ื‘ื™ืœ ืืช ื”ื’ื™ืฉื” ืœ-UPS ื‘ื—ื•ืžืช ื”ืืฉ. ืจืง ืœื›ืชื•ื‘ื•ืช ืฉืœ ืฉื ื™ื™ื“ืจ ืืœืงื˜ืจื™ืง ืขื ืŸ.

ืžืงื•ืจ: OpenNet.ru

ื”ื•ืกืคืช ืชื’ื•ื‘ื”