Vulnerability in AMI MegaRAC firmware caused by shipping an old version of lighttpd

A vulnerability has been identified in the MegaRAC firmware from American Megatrends (AMI), which is used in the BMC (Baseboard Management Controller) controllers that server manufacturers use to provide autonomous hardware management. It allows an unauthenticated attacker to read the memory contents of the process that provides the web interface. The vulnerability appears in firmware released since 2019 and is caused by shipping an old version of the Lighttpd HTTP server that contains an unpatched vulnerability.

In the Lighttpd codebase, the vulnerability was fixed in 2018 in version 1.4.51, but the fix was made without assigning a CVE identifier and without publishing a report describing the vulnerability. The release note mentioned security fixes, but it focused on a vulnerability in mod_userdir involving the use of the characters ".." in the username.

The list of changes also mentioned a problem in the processing of HTTP headers, but this fix was missed by the firmware developers and was not carried over to the product. The note about eliminating a potential use-after-free vulnerability was present only in the commit text, and no changes were made to the general changelog to indicate that the bug leads to a use-after-free memory access.

The vulnerability allows memory contents to be read outside the allocated buffer. The problem is caused by a bug in the HTTP header merging code that is used when several instances of the "If-Modified-Since" HTTP header are specified. When processing the second instance of the header, lighttpd allocated a new buffer to hold the merged value and freed the memory of the buffer containing the value from the first header. In doing so, the con->request.http_if_modified_since pointer was not changed and continued to point to the memory area that had already been freed.

Since this pointer was used in operations that compare the contents of the If-Modified-Since header, and the outcome of those comparisons produced different return codes, an attacker could use brute force to guess the new contents of the memory previously occupied by the first buffer. The vulnerability could be used in combination with other vulnerabilities, for example to determine the memory layout in order to bypass protection mechanisms such as ASLR (Address Space Layout Randomization).
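The stale-alias pattern described above, reduced to a small C model; this is an added illustration, not lighttpd's code. The struct, the function names and the `ref_dangling` flag are hypothetical, and the flag stands in for the freed pointer so the program never touches freed memory.

```c
/* Added illustration: simplified model of the bug pattern, not lighttpd source. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct request {
    char *ims_buf;        /* owning buffer holding the If-Modified-Since value */
    const char *ims_ref;  /* cached alias later used for the date comparison */
    int ref_dangling;     /* model-only flag: alias refers to freed memory */
};

/* Store one If-Modified-Since occurrence. fix_alias=0 models the stale
 * pointer described above, fix_alias=1 the corrected behaviour. */
static int add_ims(struct request *r, const char *value, int fix_alias) {
    if (r->ims_buf == NULL) {                  /* first occurrence */
        if (!(r->ims_buf = malloc(strlen(value) + 1))) return -1;
        strcpy(r->ims_buf, value);
        r->ims_ref = r->ims_buf;
        return 0;
    }
    size_t n = strlen(r->ims_buf);             /* repeat: build "first, second" */
    char *merged = malloc(n + 2 + strlen(value) + 1);
    if (!merged) return -1;
    memcpy(merged, r->ims_buf, n);
    memcpy(merged + n, ", ", 2);
    strcpy(merged + n + 2, value);
    free(r->ims_buf);                          /* first buffer is released */
    r->ims_buf = merged;
    if (fix_alias) r->ims_ref = merged;        /* alias follows the data */
    else r->ref_dangling = 1;                  /* alias still holds the freed address */
    return 0;
}

/* Returns the alias only while it is valid; NULL marks the use-after-free case. */
static const char *ims_for_compare(const struct request *r) {
    return r->ref_dangling ? NULL : r->ims_ref;
}

static void request_reset(struct request *r) { free(r->ims_buf); memset(r, 0, sizeof *r); }

int main(void) {
    struct request r = {0};
    /* Constructed sample values; fix_alias=1 keeps the alias valid. */
    if (add_ims(&r, "Sat, 01 Sep 2018 00:00:00 GMT", 1) || add_ims(&r, "Sun, 02 Sep 2018 00:00:00 GMT", 1)) return 1;
    printf("merged value: %s\n", ims_for_compare(&r));
    request_reset(&r);
    return 0;
}
```

With `fix_alias` set to 0 the second call leaves `ims_ref` untouched, which is the state in which a later comparison would read freed memory; the model reports it as NULL instead.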

The presence of the vulnerability has been confirmed in Lenovo and Intel server platforms, but these companies do not plan to release firmware updates, citing the end of the support period for the products that use this firmware and the low severity of the vulnerability. The problem appears in firmware for the Intel M70KLP and Lenovo HX3710, HX3710-F and HX2710-E platforms (the vulnerability is present, among others, in the latest firmware versions Lenovo 2.88.58 and Intel 01.04.0030). In addition, it is reported that the lighttpd vulnerability also appears in firmware for Supermicro equipment and in servers that use BMC controllers from Duluth and AETN.

Source: opennet.ru
