Vulnerability in pppd and lwIP allowing remote code execution with root privileges

A vulnerability (CVE-2020-8597) has been identified in the pppd package that allows arbitrary code execution by sending specially crafted authentication requests to systems that use the PPP (Point-to-Point Protocol) or PPPoE (PPP over Ethernet) protocol. These protocols are commonly used by providers to set up connections over Ethernet or DSL, and are also used in some VPNs (for example, pptpd and openfortivpn). To check whether your systems are affected by the problem, a prototype exploit has been prepared.

The vulnerability is caused by a buffer overflow in the implementation of the EAP (Extensible Authentication Protocol) authentication protocol. The attack can be carried out at the pre-authentication stage by sending a packet of type EAPT_MD5CHAP containing a very long peer name that does not fit in the allocated buffer. Because of a bug in the code that checks the size of the rhostname field, an attacker can write data beyond the buffer on the stack and achieve execution of their code with root privileges. The vulnerability manifests on both the server and the client side, i.e. not only can a server be attacked, but also a client that tries to connect to a server controlled by an attacker (for example, an attacker could first compromise a server through the vulnerability and then attack the clients connecting to it).
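As an added illustration (not code from pppd or lwIP), the following models the flawed peer-name length check described above beside a corrected one; the buffer size RHOSTNAME_SIZE, the function names and the exact shape of the condition are assumptions for this example.

```c
#include <stdio.h>
#include <string.h>

/* Assumed size of the stack buffer that receives the peer name (example value). */
#define RHOSTNAME_SIZE 256

/* Flawed check, modelled on the shape of the bug. `len` is the remaining
 * packet length and `vallen` the MD5 value length (vallen <= len is already
 * verified). The untruncated branch should run only when the name fits, but
 * `vallen < len + RHOSTNAME_SIZE` holds for every vallen <= len, so the
 * trimming branch is unreachable. Returns the bytes the copy would write
 * (including the terminating NUL); nothing is actually copied here. */
size_t peer_name_bytes_flawed(size_t len, size_t vallen) {
    if (vallen < len + RHOSTNAME_SIZE)
        return len - vallen + 1;          /* may exceed the buffer */
    return RHOSTNAME_SIZE;                /* trim branch: never reached */
}

/* Corrected check: compare the name length itself against the buffer. */
size_t peer_name_bytes_fixed(size_t len, size_t vallen) {
    if (len - vallen >= RHOSTNAME_SIZE)
        return RHOSTNAME_SIZE;            /* RHOSTNAME_SIZE-1 chars + NUL */
    return len - vallen + 1;
}

/* Would the flawed check let the copy run past the buffer? */
int flawed_check_overflows(size_t len, size_t vallen) {
    return peer_name_bytes_flawed(len, vallen) > RHOSTNAME_SIZE;
}

/* Copy of the peer name using the corrected bound. Returns the resulting
 * name length, or -1 if the packet fields are inconsistent. */
int copy_peer_name_fixed(const unsigned char *inp, size_t len, size_t vallen, char out[RHOSTNAME_SIZE]) {
    if (vallen > len)
        return -1;
    size_t n = peer_name_bytes_fixed(len, vallen) - 1;   /* chars to copy */
    memcpy(out, inp + vallen, n);
    out[n] = '\0';
    return (int)n;
}

int main(void) {
    /* Constructed payload: a 16-byte MD5 value followed by a 600-byte name. */
    unsigned char pkt[16 + 600];
    memset(pkt, 'A', sizeof pkt);
    char name[RHOSTNAME_SIZE];
    printf("flawed check overflows: %d\n", flawed_check_overflows(sizeof pkt, 16));
    printf("fixed copy length: %d\n", copy_peer_name_fixed(pkt, sizeof pkt, 16, name));
    return 0;
}
```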

The issue affects pppd versions from 2.4.2 up to and including 2.4.8 and has been fixed in the form of a patch. The vulnerability also affects the lwIP stack, but the default lwIP configuration does not enable EAP support.

The status of the fix in distributions can be tracked on these pages: Debian, Ubuntu, RHEL, Fedora, SUSE, OpenWRT, Arch, NetBSD. On RHEL, OpenWRT and SUSE the pppd package is built with "Stack Smashing Protection" enabled (the "-fstack-protector" mode in gcc), which limits exploitation to causing a crash. Beyond distributions, the vulnerability has been confirmed in some Cisco (Call Manager), TP-LINK and Synology (DiskStation Manager, VisualStation VS960HD and Router Manager) products that use pppd or lwIP code.

Source: opennet.ru
