Remotely exploitable vulnerability in the qmail mail server

Security researchers from Qualys have demonstrated that a vulnerability in the qmail mail server, known since 2005 (CVE-2005-1513), can be exploited. It was left unfixed because the qmail author argued that a working exploit against systems in the default configuration was not feasible. Qualys managed to prepare an exploit that refutes this assumption and allows remote code execution on the server by sending a specially crafted message.

The problem is caused by an integer overflow in the stralloc_readyplus() function, which can be triggered while processing a very large message. Exploitation requires a 64-bit system with more than 4GB of memory. When the vulnerability was analysed in 2005, Daniel J. Bernstein argued that the code's assumption that the size of an allocated array always fits within a 32-bit value rested on the fact that nobody gives gigabytes of memory to every process. Over the past 15 years, 64-bit systems have replaced 32-bit systems on servers, and both the amount of memory provided and network bandwidth have grown dramatically.
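To make the bug class concrete, here is an added example (not qmail's source and not the Qualys exploit) using a simplified stralloc-like buffer: the first capacity test does its arithmetic in 32-bit unsigned integers, the width the article says the 2005 code assumed was always enough, and the second refuses any request whose length sum would wrap. The struct layout, growth policy and scenario values are assumptions made for the illustration.

```c
#include <limits.h>
#include <stdlib.h>

/* Constructed stand-in for qmail's stralloc: len = bytes in use, a = bytes
 * allocated. unsigned int is 32 bits on x86-64 Linux, the width the
 * article says the 2005 code assumed would always suffice. */
typedef struct { char *s; unsigned int len; unsigned int a; } sa_t;

/* Capacity test in plain 32-bit arithmetic (assumed simplification of the
 * vulnerable pattern, not qmail's source). Returns 1 when the buffer is
 * believed to hold len + n bytes. Once len + n exceeds UINT_MAX the sum
 * wraps, so a far-too-small buffer is reported as large enough. */
int fits_unchecked(const sa_t *x, unsigned int n) {
    unsigned int need = x->len + n;          /* wraps modulo 2^32 */
    return need <= x->a;
}

/* Hardened test: detect the wrap before adding. Returns 1 if the buffer
 * fits, 0 if it must grow, -1 if len + n is not representable. */
int fits_checked(const sa_t *x, unsigned int n) {
    if (n > UINT_MAX - x->len) return -1;    /* len + n would overflow */
    return (x->len + n <= x->a) ? 1 : 0;
}

/* Grow x so that n more bytes fit, refusing any request whose size
 * arithmetic would wrap. Returns 1 on success, 0 on failure. */
int readyplus_checked(sa_t *x, unsigned int n) {
    int f = fits_checked(x, n);
    if (f != 0) return f == 1;
    unsigned int want = x->len + n;
    unsigned int grow = want / 2 + 30;       /* growth slack, capped */
    if (grow > UINT_MAX - want) grow = UINT_MAX - want;
    want += grow;
    char *p = realloc(x->s, want);
    if (!p) return 0;
    x->s = p;
    x->a = want;
    return 1;
}

/* Constructed scenario: a string just under 4 GiB receives a 512-byte
 * append while only 4 KiB is allocated. Nothing large is allocated. */
static sa_t near_4gib(void) { sa_t x = { NULL, 0xFFFFFF00u, 0x1000u }; return x; }
int demo_unchecked(void) { sa_t x = near_4gib(); return fits_unchecked(&x, 0x200u); }
int demo_checked(void)   { sa_t x = near_4gib(); return fits_checked(&x, 0x200u); }
int demo_refuse(void)    { sa_t x = near_4gib(); return readyplus_checked(&x, 0x200u); }
int demo_grow_small(void) {
    sa_t x = { NULL, 0, 0 };
    int ok = readyplus_checked(&x, 100) && x.a >= 100;
    free(x.s);
    return ok;
}
```

The unchecked test reports the 4 KiB buffer as ready for the append (the wrapped sum is 0x100), which is exactly the condition under which a subsequent copy runs past the allocation; the checked variant flags the request as unrepresentable and the grow routine refuses it.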

The qmail package maintainers took Bernstein's note into account and limited the memory available when starting the qmail-smtpd process (for example, in Debian 10 the limit is set to 7MB). But the Qualys engineers found that this is not enough: in addition to qmail-smtpd, a remote attack can be carried out against the qmail-local process, which remained unrestricted in all the packages tested. As proof, a prototype exploit was prepared that works against the Debian qmail package in its default configuration. To achieve remote code execution, the attacked server needs 4GB of free disk space and 8GB of RAM. The exploit allows running arbitrary shell commands with the rights of any user on the system, except root and system users that have no subdirectory of their own under "/home" (the qmail-local process is started with the rights of the local user to whom delivery is being made).

The attack is carried out by sending a very large mail message, including several header lines, approximately 4GB and 576MB in size. Processing such a string in qmail-local leads to an integer overflow when attempting to deliver the message to the user. The integer overflow in turn leads to a buffer overflow when copying data and to the possibility of overwriting memory pages containing libc code. By manipulating the layout of the transmitted data, it is also possible to overwrite the address of the "open()" function, replacing it with the address of the "system()" function.

Then, when qmesearch() is called in qmail-local, the ".qmail-extension" file is opened via the open() function, which now actually results in the call system(".qmail-extension"). Since the "extension" part of the file name is derived from the recipient's address (for example, "localuser-extension@localdomain"), attackers can arrange for a command to be run by specifying the user "localuser-; command ;@localdomain" as the recipient of the message.

During the code audit, two more vulnerabilities were identified in the additional qmail patch that is part of the Debian package. The first vulnerability (CVE-2020-3811) allows bypassing email address verification, and the second (CVE-2020-3812) leads to a local information leak. In particular, the first vulnerability allows bypassing the validity check of the address used to pass the command (the check does not cover addresses without a domain, such as "localuser-; command;"). The second vulnerability can be used to test for the existence of files and directories on the system, including those accessible only to root (qmail-verify runs with root rights), through a direct call to the local handler.

To address the problem, Bernstein recommended running qmail processes with an overall limit on available memory ("softlimit -m12345678"), which blocks the problem. As an alternative protection method, limiting the maximum size of a processed message via the "control/databytes" file is also mentioned (by default this file is not created, so with the default settings qmail remains vulnerable). In addition, "control/databytes" does not protect against local attacks by system users, since the limit is only honoured by qmail-smtpd.

The problem affects the netqmail package included in the Debian repositories. A set of patches has been prepared for this package that eliminates both the old vulnerabilities from 2005 (by adding memory limits to the alloc() code) and the new problems in qmail-verify. A corrected version of the qmail-verify patch has been prepared separately. The developers of the notqmail branch have prepared their own patches to block the old problems and have also begun work on eliminating all possible integer overflows in the code.

Source: opennet.ru
