Kugadziriswa kwekugadzirisa kumatavi akagadzikana eBIND DNS server 9.11.18 uye 9.16.2, pamwe chete nebazi rekuedza 9.17.1, riri mukugadzirwa. Muzvinyorwa zvitsva dambudziko rekuchengetedza rakabatana nekudzivirira kusashanda pakurwiswa "Β»kana uchishanda mumodhi yeDNS server kutumira zvikumbiro (iyo "vanotungamira" block muzvirongwa). Pamusoro pezvo, basa rakaitwa kudzikisa saizi yedhijitari siginecha nhamba dzakachengetwa mundangariro dzeDNSSEC - nhamba yemakiyi akateedzerwa akaderedzwa kusvika 4 kune imwe neimwe nzvimbo, iyo inokwana mu99% yezviitiko.
Iyo "DNS rebinding" nzira inobvumira, kana mushandisi avhura imwe peji mubrowser, kumisikidza WebSocket yekubatanidza kune network sevhisi pane yemukati network isingawanikwe zvakananga kuburikidza neInternet. Kunzvenga dziviriro inoshandiswa mumabhurawuza kusaenda mhiri kwechikamu cheiyo dura renzvimbo (yakatarisana-yakabva), shandura zita remuenzi muDNS. DNS server yeanorwisa inogadzirirwa kutumira maviri IP kero imwe neimwe: chikumbiro chekutanga chinotumira iyo chaiyo IP yevhavha nepeji, uye zvikumbiro zvinotevera zvinodzorera kero yemukati yemudziyo (somuenzaniso, 192.168.10.1).
Nguva yekurarama (TTL) yemhinduro yekutanga inoiswa kune yakaderera kukosha, saka kana uchivhura peji, browser inosarudza iyo chaiyo IP yeanorwisa server uye inotakura zviri mukati pejiji. Peji yacho inoshandisa JavaScript code inomirira kuti TTL ipere uye inotumira chikumbiro chechipiri, icho zvino chinoratidza muiti se 192.168.10.1. Izvi zvinobvumira JavaScript kuti iwane sevhisi mukati menetiweki yemuno, ichipfuura iyo yakayambuka-yekutanga kurambidzwa. kupokana nekurwiswa kwakadaro muBIND kunobva pakuvharira maseva ekunze kuti asadzose kero dzeIP dzemukati metiweki yazvino kana CNAME maaliases enzvimbo dzenzvimbo uchishandisa kero yekuramba-mhinduro uye yekuramba-mhinduro-aliases.
Source: opennet.ru