Iyo Zero Day Initiative (ZDI) purojekiti yakaburitsa ruzivo nezve isina kuburitswa (0-zuva) kusasimba (CVE-2023-42115, CVE-2023-42116, CVE-2023-42117) muExim mail server, ichikubvumidza kuti uite yako kure. kodhi pane sevha ine maitiro ekodzero anogamuchira kubatana pane network port 25. Hapana huchokwadi hunodiwa kuita kurwisa.
Kusagadzikana kwekutanga (CVE-2023-42115) kunokonzerwa nekukanganisika musevhisi yesmtp uye inosanganiswa nekushaikwa kwecheki chaiyo pane data yakagamuchirwa kubva kumushandisi panguva yeSMTP chikamu uye inoshandiswa kuverenga saizi yebhafa. Nekuda kweizvozvo, anorwisa anogona kuwana inodzorwa kunyora yedata rake kunzvimbo yekurangarira kupfuura muganho weiyo yakagoverwa buffer.
Kusagadzikana kwechipiri (CVE-2023-42116) kuripo mumubati wekukumbira weNTLM uye kunokonzerwa nekukopa data rakatambirwa kubva kumushandisi kuenda kune yakagadziriswa-saizi buffer pasina cheki inodiwa yehukuru hweruzivo rwuri kunyorwa.
Kusagadzikana kwechitatu (CVE-2023-42117) kuripo mune smtp maitiro ekugamuchira kubatana paTCP port 25 uye kunokonzerwa nekushaikwa kwekusimbisa kwekuisa, izvo zvinogona kutungamira kuti data rinopihwa nemushandisi rinyorwe kunzvimbo yekurangarira kunze kweiyo buffer yakagoverwa. .
Kusagadzikana kunomakwa se0-zuva, i.e. ramba usina kugadziriswa, asi ZDI report inotaura kuti vagadziri veExim vakaziviswa nezvematambudziko pamberi. Shanduko yekupedzisira kuExim codebase yakaitwa mazuva maviri apfuura uye hazvisati zvajeka kuti matambudziko achagadziriswa rinhi (vagadziri vekugovera havasati vawana nguva yekuita sezvo ruzivo rwakaburitswa pasina ruzivo maawa akati wandei apfuura). Parizvino, Vagadziri veExim vari kugadzirira kuburitsa vhezheni itsva 4.97, asi hapana ruzivo chairwo nezvenguva yekuburitswa kwayo. Iyo chete nzira yekudzivirira yataurwa parizvino ndeyekuganhurira kuwana kune Exim-based SMTP sevhisi.
Pamusoro pezvambotaurwa pamusoro pekusagadzikana, ruzivo rwakaburitswa nezve akati wandei asina njodzi matambudziko:
- CVE-2023-42118 ndeye yakazara kufashukira mu libspf2 raibhurari kana uchibvisa SPF macros. Kusagadzikana kunokubvumira kuti utange huwori huri kure hwemukati mendangariro uye hunogona kushandiswa kuronga kuitiswa kwekodhi yako pane server.
- CVE-2023-42114 iri kunze-kwe-buffer yakaverengwa muNTLM mubato. Iyo nyaya inogona kuita kuti mundangariro zviri mukati meiyo process sevhisi zvikumbiro zvenetiweki zvinodonha.
- CVE-2023-42119 injodzi mune dnsdb inobata iyo inotungamira kune ndangariro kuvuza mune smtp maitiro.
Source: opennet.ru