Vulnerability in pppd and lwIP allowing remote code execution with root privileges

A vulnerability (CVE-2020-8597) has been identified in the pppd package that allows execution of attacker-supplied code by sending specially crafted authentication requests to systems using the PPP (Point-to-Point Protocol) or PPPoE (PPP over Ethernet) protocol. These protocols are commonly used by providers to set up connections over Ethernet or DSL, and are also used in some VPNs (for example, pptpd and openfortivpn). A prototype exploit has been prepared for checking whether your own systems are affected by the problem.

The vulnerability is caused by a buffer overflow in the implementation of the EAP (Extensible Authentication Protocol) authentication protocol. The attack can be carried out at the pre-authentication stage by sending a packet of type EAPT_MD5CHAP that carries a very long hostname which does not fit into the allocated buffer. Because of a bug in the code that checks the size of the rhostname field, an attacker can write data beyond the buffer on the stack and achieve remote execution of their code with root privileges. The vulnerability is present on both the server and the client side, i.e. not only can a server be attacked, but also a client attempting to connect to a server controlled by the attacker (for example, the attacker could first compromise a server through the vulnerability and then attack the clients that connect to it).
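The flaw described above is a length check that compares the wrong quantities, so the "trim the name" branch is never taken and the full name is copied into a fixed-size stack buffer. The following added example (it is not pppd's or lwIP's source; `NAME_BUF`, the packet layout and all function names are constructed for illustration) shows a broken check of that kind beside a corrected one, and a bounded extraction routine that reports truncation instead of overflowing. The broken variant only computes the copy length; it never performs the unsafe copy.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <stdbool.h>
#include <stdlib.h>

/* Hypothetical size of the stack buffer that receives the peer name
 * (stands in for the rhostname buffer mentioned in the text). */
#define NAME_BUF 256

/* Constructed layout of an EAP MD5-Challenge request body:
 *   [value_size (1 byte)][value bytes ...][name bytes ...]
 * vallen = 1 + value_size, len = total body length,
 * so the name occupies len - vallen bytes. Both helpers assume vallen <= len. */

/* Broken check: vallen is compared against len + NAME_BUF. Since vallen
 * never exceeds len, the trim branch is unreachable and the unchecked
 * name length is used for the copy. Returns the number of bytes that
 * WOULD be copied into a NAME_BUF-sized buffer (no copy is performed). */
size_t copy_len_broken(size_t len, size_t vallen) {
    if (vallen >= len + NAME_BUF)
        return NAME_BUF - 1;      /* intended "trim long name" branch */
    return len - vallen;          /* may exceed NAME_BUF */
}

/* Corrected check: compare the name length itself against the buffer. */
size_t copy_len_fixed(size_t len, size_t vallen) {
    if (len - vallen >= NAME_BUF)
        return NAME_BUF - 1;      /* trim, leaving room for the NUL */
    return len - vallen;
}

/* Bounded extraction of the peer name from a request body.
 * Returns false on a malformed body (value_size claims bytes that are
 * not present); sets *truncated when the name had to be cut. */
bool extract_peer_name(const uint8_t *body, size_t len,
                       char *out, size_t outsz, bool *truncated) {
    if (len < 1 || outsz == 0)
        return false;
    size_t vallen = 1 + (size_t)body[0];
    if (vallen > len)             /* value runs past the end of the packet */
        return false;
    size_t name_len = len - vallen;
    *truncated = false;
    if (name_len >= outsz) {
        name_len = outsz - 1;
        *truncated = true;
    }
    memcpy(out, body + vallen, name_len);
    out[name_len] = '\0';
    return true;
}

/* Builds a constructed request with a 16-byte value and a name of
 * name_len 'A' characters, runs the bounded extraction into a NAME_BUF
 * buffer and returns the resulting string length. */
size_t demo_extract(size_t name_len, bool *truncated) {
    size_t len = 1 + 16 + name_len;
    uint8_t *body = malloc(len);
    body[0] = 16;
    memset(body + 1, 0xAA, 16);
    memset(body + 17, 'A', name_len);
    char out[NAME_BUF];
    size_t result = 0;
    if (extract_peer_name(body, len, out, sizeof out, truncated))
        result = strlen(out);
    free(body);
    return result;
}

int main(void) {
    /* A 1000-byte name after a 16-byte value: len = 1017, vallen = 17. */
    printf("broken check would copy %zu bytes into a %d-byte buffer\n",
           copy_len_broken(1017, 17), NAME_BUF);
    printf("fixed check copies %zu bytes\n", copy_len_fixed(1017, 17));
    bool tr;
    size_t n = demo_extract(1000, &tr);
    printf("bounded extraction kept %zu bytes, truncated=%d\n", n, tr);
    return 0;
}
```

The corrected comparison is the whole fix: the quantity that must be bounded is the number of bytes about to be copied, not an unrelated sum. Builds with `-fstack-protector`, as the distributions named below use, turn a surviving overflow of this kind into a crash rather than code execution, but do not remove the bug.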

The problem affects pppd versions 2.4.2 through 2.4.8 inclusive and has been fixed in the form of a patch. The vulnerability also affects the lwIP stack, but the default configuration of lwIP does not enable EAP support.

The status of the fix in distributions can be followed on these pages: Debian, Ubuntu, RHEL, Fedora, SUSE, OpenWRT, Arch, NetBSD. On RHEL, OpenWRT and SUSE the pppd package is built with "Stack Smashing Protection" enabled (the "-fstack-protector" mode in gcc), which limits exploitation to a crash. Beyond the distributions, the vulnerability has also been confirmed in some Cisco (Call Manager), TP-Link and Synology (DiskStation Manager, VisualStation VS960HD and Router Manager) products that use pppd or lwIP code.

Source: opennet.ru
