Kua whakaputaina e ngā tīma rangahau o Forescout Research Labs me JSOF Research ngā hua o tētahi rangahau haumarutanga tahi o ngā whakatinanatanga maha o tētahi kaupapa kōpeketanga e whakamahia ana hei tākai i ngā ingoa tāruarua ki ngā karere DNS, mDNS, DHCP, me IPv6 RA (e tākai ana i ngā wāhanga rohe tāruarua ki ngā karere kei roto ngā ingoa maha). I kitea e te rangahau e iwa ngā ngoikoretanga, ko INGOA:WRECK te ingoa huna.
I kitea ngā ngoikoretanga i roto i te FreeBSD, tae atu ki ngā pūnaha whatunga IPnet, Nucleus NET, me NetX, e whakamahia whānuitia ana i roto i ngā pūnaha whakahaere wā-tūturu a VxWorks, Nucleus, me ThreadX e whakamahia ana i roto i ngā taputapu aunoa, ngā pūnaha rokiroki, ngā taputapu hauora, ngā waka rererangi, ngā pūreretā, me ngā hikohiko kaihoko. E kiia ana he iti rawa te 100 miriona ngā taputapu e ngoikore ana.
- Nā te ngoikore i roto i te FreeBSD (CVE-2020-7461) i āhei ai te whakahaere waehere mā te tuku i tētahi mōkihi DHCP i hangaia motuhaketia ki tētahi kaiwhakaeke i runga i te whatunga ā-rohe kotahi me te patunga. Nā te tukatuka i te mōkihi e tētahi kiritaki DHCP ngoikore i hua ake ai he waipuke parepare. I whakaitihia te ngoikore nā te mea i oma te tukanga dhclient ngoikore me ngā mana kua ngaro i roto i te pouaka onepu Capsicum, me te hiahia kia kitea tētahi atu ngoikoretanga kia mawhiti.
I puta mai te hapa i te whakamana tawhā hē i roto i te mōkihi i whakahokia mai e te tūmau DHCP me te kōwhiringa DHCP 119, e āhei ai te rārangi "rapu rohe" ki te kaiwhakatau. He tātai hē o te rahi o te pūpare e hiahiatia ana hei whakauru i ngā raraunga kua wetewetehia. ngā ingoa rohe, i meinga ai ngā mōhiohio e whakahaerehia ana e te kaiwhakaeke kia tuhia ki tua atu i te pūmau kua tohaina. I whakatikahia tēnei take i roto i te FreeBSD i te marama o Hepetema o te tau kua hipa. Ka taea anake te whakamahi mā te urunga whatunga ā-rohe.
- Nā te ngoikore o te puranga whatunga IPnet kua whakauruhia i roto i te VxWorks RTOS ka taea te whakahaere waehere i runga i te kiritaki DNS nā te whakahaere hē o te kōpeketanga karere DNS. I tautuhia tuatahitia tēnei ngoikoretanga e Exodus i te tau 2016, engari kāore i whakatikatikaina. Kāore anō kia whakautua tētahi tono i muri mai ki a Wind River, ā, kei te ngoikore tonu ngā taputapu IPnet.
- В TCP/IP E ono ngā ngoikoretanga i kitea i roto i te puranga Nucleus NET i tautokona e Siemens, e rua o ēnei ka arahi pea ki te whakahaere waehere mamao, ā, e whā ka arahi pea ki te whakakorenga ratonga. Ko te take nui tuatahi e pā ana ki te hapa i te wetewete i ngā karere DNS kua kōpeketia, ā, ko te tuarua ki te wetewete hē o ngā tapanga ingoa rohe. Ko ngā take e rua ka hua ake he waipuke o te arai i te tukatuka i ngā urupare DNS kua hangaia motuhake.
Hei whakamahi i ēnei ngoikoretanga, me tuku noa e te kaiwhakaeke he whakautu kua hangaia mō tētahi tono tika i tukuna mai i tētahi taputapu ngoikore, hei tauira, mā te mahi i tētahi whakaeke MTIM me te pokanoa ki te whakawhitiwhiti i waenga i te tūmau DNS me te patunga. Mena he urunga tō te kaiwhakaeke ki te whatunga ā-rohe, ka taea e rātou te whakarewa i tētahi tūmau DNS e ngana ana ki te whakaeke i ngā taputapu ngoikore mā te whakapāho i ngā tono mDNS.
- Nā te ngoikoretanga i roto i te puranga whatunga NetX (Azure RTOS NetX), i whakawhanakehia mō ThreadX RTOS, ā, i whakakitea ki te marea i te tau 2019 whai muri i te hokonga mai e Microsoft, i hua ake ai te whakakorenga ratonga. I puta te raruraru i te hapa i te wetewete i ngā karere DNS kua kōpeketia i roto i te whakatinanatanga whakatau.
I roto i ngā puranga whatunga kua whakamatautauria, kāore i kitea ngā ngoikoretanga e pā ana ki te pēhitanga o ngā raraunga e whakahokia ana i roto i ngā karere DNS, ko ēnei kaupapa i whakaingoatia: lwIP, Nut/Net, Zephyr, uC/TCP-IP, uC/TCP-IP, FreeRTOS+TCP, OpenThread, me FNET. Kāore ngā mea tuatahi e rua (Nut/Net me lwIP) e tautoko i te pēhitanga i roto i ngā karere DNS, ko ētahi atu ia e whakatinana ana i tēnei mahi me te kore he hapa. I tua atu, e kīia ana i kitea i mua e ngā kairangahau kotahi ngā ngoikoretanga rite i roto i ngā puranga Treck, uIP, me PicoTCP.
Source: opennet.ru
