11 remotely exploitable vulnerabilities in the VxWorks TCP/IP stack

Security researchers from Armis have disclosed details of 11 vulnerabilities (PDF) in the IPnet TCP/IP stack used in the VxWorks operating system. The issues have been codenamed "URGENT/11". The vulnerabilities can be exploited remotely by sending specially crafted network packets. For some of the issues, an attack is possible even when the device is reached through firewalls and NAT (for example, if the attacker controls a DNS server that a vulnerable device on the internal network contacts).


Six of the issues can lead to execution of attacker code when incorrectly set IP or TCP options in a packet are processed, and when DHCP packets are parsed. Five issues are less dangerous and can lead to information leakage or DoS attacks. Disclosure of the vulnerabilities was coordinated with Wind River, and the latest release, VxWorks 7 SR0620, published last week, already fixes these issues.

Because each vulnerability affects a different part of the network stack, the issues may be release-specific, but it is stated that every version of VxWorks since 6.5 has at least one remote code execution vulnerability. A separate exploit therefore has to be created for each variant of VxWorks. According to Armis, the problem affects more than 200 million devices, including industrial and medical equipment, routers, VOIP phones, firewalls, printers and various Internet of Things devices.

Wind River believes that this number is overstated and that the problem affects only a relatively small number of non-critical devices, which, as a rule, are confined to the internal corporate network. The IPnet networking stack was available only in selected editions of VxWorks, including releases that are no longer supported (prior to 6.5). Devices based on the VxWorks 653 and VxWorks Cert Edition platforms, which are used in critical areas (industrial robots, automotive and aviation electronics), are not affected.

Armis representatives believe that, because vulnerable devices are difficult to update, worms may appear that infect local networks and attack the most popular categories of vulnerable devices en masse. For example, some devices, such as medical and industrial equipment, require re-certification and extensive testing when their firmware is updated, which makes updating that firmware difficult.

Wind River believes that in such cases the risk of compromise can be reduced by enabling built-in security features such as a non-executable stack, stack overflow protection, system call restriction, and process isolation. Protection can also be provided by adding attack-blocking signatures to firewalls and intrusion prevention systems, and by restricting network access to the device to the internal security perimeter only.
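The article attributes several of the flaws to the processing of incorrectly set IP or TCP options and mentions filtering at firewalls and intrusion prevention systems. As an added example (not from the original article, Armis or Wind River), the Python code below performs a generic structural check of TCP header options of the kind a filtering device can apply; it is not an URGENT/11 signature, and the function names and sample segments are constructed for illustration.

```python
import struct

# Fixed total lengths for common TCP options (kind -> length in bytes).
FIXED_LEN = {2: 4, 3: 3, 4: 2, 8: 10}  # MSS, window scale, SACK-permitted, timestamps

def check_tcp_options(segment: bytes) -> list:
    """Return a list of structural problems found in the TCP header options."""
    if len(segment) < 20:
        return ["truncated: shorter than the 20-byte fixed TCP header"]
    data_offset = (segment[12] >> 4) * 4          # header length in bytes
    if data_offset < 20:
        return [f"data offset {data_offset} is below the 20-byte minimum"]
    if data_offset > len(segment):
        return [f"data offset {data_offset} exceeds captured length {len(segment)}"]
    opts = segment[20:data_offset]
    problems, i = [], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                              # End of Option List
            break
        if kind == 1:                              # No-Operation, single byte
            i += 1
            continue
        if i + 1 >= len(opts):
            problems.append(f"option kind {kind} at offset {i} has no length byte")
            break
        length = opts[i + 1]
        if length < 2:
            problems.append(f"option kind {kind} has length {length} (< 2)")
            break                                  # cannot advance safely
        if i + length > len(opts):
            problems.append(f"option kind {kind} length {length} overruns the header")
            break
        if kind in FIXED_LEN and length != FIXED_LEN[kind]:
            problems.append(f"option kind {kind} has length {length}, expected {FIXED_LEN[kind]}")
        i += length
    return problems

def build_segment(options: bytes) -> bytes:
    """Constructed sample input: a SYN header carrying the given option bytes."""
    options += b"\x01" * (-len(options) % 4)       # pad with NOPs to a 32-bit boundary
    offset_flags = (((20 + len(options)) // 4) << 12) | 0x002   # data offset + SYN flag
    return struct.pack("!HHIIHHHH", 40000, 80, 1, 0, offset_flags, 65535, 0, 0) + options

GOOD = build_segment(bytes([2, 4, 0x05, 0xB4, 4, 2, 3, 3, 7]))   # MSS, SACK-permitted, WS
BAD_OVERRUN = build_segment(bytes([2, 4, 0x05, 0xB4, 8, 200]))    # timestamp claims 200 bytes
BAD_ZERO = build_segment(bytes([2, 4, 0x05, 0xB4, 3, 0, 0, 0]))   # window scale with length 0
```

A segment that yields a non-empty list is a candidate for dropping or alerting at the perimeter before it reaches an unpatched device.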

Source: opennet.ru
