Exim 4.94.2 released with fixes for 10 remotely exploitable vulnerabilities

The release of the Exim mail server 4.94.2 has been published, eliminating 21 vulnerabilities (CVE-2020-28007 through CVE-2020-28026, and CVE-2021-27216) that were identified by Qualys and presented under the code name 21Nails. 10 of the problems can be exploited remotely (including code execution with root privileges) by manipulating SMTP commands while interacting with the server.

All versions of Exim whose history has been tracked in Git since 2004 are affected by the problem. Working exploit prototypes were prepared for four local and three remote vulnerabilities. The exploits for the local vulnerabilities (CVE-4-3, CVE-2020-28007, CVE-2020-28008, CVE-2020-28015) allow raising privileges to the root user. Two remote issues (CVE-2020-28012, CVE-2020-28020) allow code execution without authentication as the Exim user (root can then be obtained by using one of the local vulnerabilities).

The CVE-2020-28021 vulnerability allows remote code execution with root privileges, but requires authenticated access (the user must establish an authenticated session, after which they can exploit the vulnerability by manipulating the AUTH parameter of the MAIL FROM command). The problem is caused by the fact that an attacker can inject lines into the spool file header, because the authenticated_sender value is written without escaping special characters (for example, by sending the command "MAIL FROM:<> AUTH=Raven+0AReyes").
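To make the mechanism concrete, here is an added illustration (not code from Exim or from the original article) written from the defender's side: the AUTH parameter of MAIL FROM is xtext-encoded, so "+0A" decodes to a line feed, and a value that is copied verbatim into a one-line spool header then spans two lines. The sample SMTP lines, the function names and the header label "-auth_sender" are constructed for this example; the check rejects any decoded value that contains control characters before it can reach a header line.

```python
import re
from typing import Dict, Tuple

# Constructed sample commands (not from the advisory): the first has the
# payload shape quoted in the article, the others are benign.
SAMPLE_MAIL_FROM = [
    "MAIL FROM:<> AUTH=Raven+0AReyes",
    "MAIL FROM:<alice@example.org> AUTH=alice@example.org",
    "MAIL FROM:<bob@example.org> AUTH=bob+2Bsmith@example.org",
]

_MAIL_FROM = re.compile(r"^MAIL FROM:<([^>]*)>(?:\s+(.*))?$", re.IGNORECASE)
_XTEXT_HEX = re.compile(r"\+([0-9A-Fa-f]{2})")


def parse_mail_from(line: str) -> Dict[str, object]:
    """Split a MAIL FROM command into the reverse path and its ESMTP parameters."""
    m = _MAIL_FROM.match(line.strip())
    if not m:
        raise ValueError("not a MAIL FROM command: %r" % line)
    params: Dict[str, str] = {}
    for param in (m.group(2) or "").split():
        key, _, value = param.partition("=")
        params[key.upper()] = value
    return {"path": m.group(1), "params": params}


def xtext_decode(value: str) -> str:
    """Decode RFC 3461 xtext: '+XX' stands for the byte with hex value XX."""
    return _XTEXT_HEX.sub(lambda m: chr(int(m.group(1), 16)), value)


def is_safe_header_value(decoded: str) -> bool:
    """A value destined for a single spool header line must contain no
    line terminators or other control characters; otherwise the decoded
    AUTH parameter can inject additional header lines."""
    return not any(ord(c) < 0x20 or c == "\x7f" for c in decoded)


def vet_auth_param(line: str) -> Tuple[str, bool]:
    """Return (decoded AUTH value, accepted?) for one MAIL FROM command."""
    params = parse_mail_from(line)["params"]
    decoded = xtext_decode(params.get("AUTH", ""))
    return decoded, is_safe_header_value(decoded)


def unsafe_header_line_count(line: str) -> int:
    """Show the injection effect: how many spool header lines the raw
    (unchecked) decoded value would occupy. The '-auth_sender' label is
    a constructed stand-in for the real spool header keyword."""
    decoded, _ = vet_auth_param(line)
    return len(("-auth_sender " + decoded).split("\n"))


if __name__ == "__main__":
    for cmd in SAMPLE_MAIL_FROM:
        decoded, ok = vet_auth_param(cmd)
        print("%-60s -> %r %s" % (cmd, decoded, "accepted" if ok else "REJECTED"))
```

The important step is that the check runs on the decoded value, not on the wire form: "Raven+0AReyes" contains only printable characters, but after xtext decoding it holds a newline, while a legitimate "+2B" (a literal plus sign) decodes to a printable character and is still accepted.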

Additionally, it is noted that another remote vulnerability, CVE-2020-28017, can be exploited to execute code with the privileges of the "exim" user without authentication, but it requires more than 25 GB of memory. For the remaining 13 vulnerabilities, exploits could also be prepared, but no work in that direction has been done yet.

The Exim developers were notified of the problems in October of last year and spent more than 6 months preparing fixes. All administrators are advised to urgently update Exim on their mail servers to version 4.94.2. All versions of Exim prior to 4.94.2 have been declared obsolete. The publication of the new version was coordinated with distributions that simultaneously published package updates: Ubuntu, Arch Linux, FreeBSD, Debian, SUSE and Fedora. RHEL and CentOS are not affected by the problem, since Exim is not included in their standard repositories (EPEL does not have an update yet).

Eliminated vulnerabilities (remotely exploitable):

  • CVE-2020-28017: Integer overflow in the receive_add_recipient() function;
  • CVE-2020-28020: Integer overflow in the receive_msg() function;
  • CVE-2020-28023: Out-of-bounds read in smtp_setup_msg();
  • CVE-2020-28021: New line injection into the spool file header;
  • CVE-2020-28022: Write and read outside the allocated buffer in the extract_option() function;
  • CVE-2020-28026: String truncation and substitution in spool_read_header();
  • CVE-2020-28019: Crash when resetting a function pointer after a BDAT error;
  • CVE-2020-28024: Buffer underflow in the smtp_ungetc() function;
  • CVE-2020-28018: Use-after-free of a buffer in tls-openssl.c;
  • CVE-2020-28025: Out-of-bounds read in the pdkim_finish_bodyhash() function.

Local vulnerabilities:

  • CVE-2020-28007: Symbolic link attack in the Exim log directory;
  • CVE-2020-28008: Spool directory attack;
  • CVE-2020-28014: Arbitrary file creation;
  • CVE-2021-27216: Arbitrary file deletion;
  • CVE-2020-28011: Buffer overflow in queue_run();
  • CVE-2020-28010: Out-of-bounds write in main();
  • CVE-2020-28013: Buffer overflow in the parse_fix_phrase() function;
  • CVE-2020-28016: Out-of-bounds write in parse_fix_phrase();
  • CVE-2020-28015: New line injection into the spool file header;
  • CVE-2020-28012: Missing flag on an unnamed pipe;
  • CVE-2020-28009: Integer overflow in the get_stdinput() function.

Source: opennet.ru