Release of GNU inetutils 2.5 with a fix for a vulnerability in suid applications

After 14 months of development, the GNU inetutils 2.5 suite has been released. It is a collection of network programs, most of which were ported from BSD systems. In particular, it includes inetd and syslogd, servers and clients for ftp, telnet, rsh, rlogin, tftp and talk, as well as standard utilities such as ping, ping6, traceroute, whois, hostname, dnsdomainname, ifconfig, logger, and so on.

The new version eliminates a vulnerability (CVE-2023-40303) in the suid programs ftpd, rcp, rlogin, rsh, rshd and uucpd, caused by a failure to check the values returned by the setuid(), setgid(), seteuid() and setguid() functions. The vulnerability can be used to create conditions in which a set*id() call does not reset privileges, so the application keeps running with elevated privileges and performs, under those privileges, operations that were originally meant to run with the rights of an unprivileged user. For example, ftpd, uucpd and rshd processes running as root will continue to run as root after user sessions start if set*id() fails.
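The failure mode described above, as an added example that is not inetutils code: the set*id() calls go through a hypothetical `id_ops` struct so that a failing setuid() can be simulated without root. The names `sim_*`, `drop_unchecked` and `drop_checked` are illustrative, and uid/gid 1000 is a constructed value.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>

/* Hypothetical seam (assumption, not inetutils code): set*id() calls are made
 * through function pointers. A real daemon would pass setgid and setuid. */
struct id_ops {
    int (*set_gid)(gid_t);
    int (*set_uid)(uid_t);
};

static uid_t sim_uid = 0;   /* simulated process starts as root */
static gid_t sim_gid = 0;
static int sim_setgid(gid_t g) { sim_gid = g; return 0; }
static int sim_setuid_ok(uid_t u) { sim_uid = u; return 0; }
/* Constructed failure: the call reports an error and changes nothing. */
static int sim_setuid_fail(uid_t u) { (void)u; errno = EAGAIN; return -1; }

/* Unchecked pattern: return values are ignored, so the caller is told the
 * drop succeeded even when the process is still root. */
static int drop_unchecked(const struct id_ops *ops, uid_t uid, gid_t gid)
{
    ops->set_gid(gid);
    ops->set_uid(uid);
    return 0;
}

/* Checked pattern: group first, then user; any failure is reported so the
 * caller can refuse to start the user session. */
static int drop_checked(const struct id_ops *ops, uid_t uid, gid_t gid)
{
    if (ops->set_gid(gid) != 0) return -1;
    if (ops->set_uid(uid) != 0) return -1;
    return 0;
}

int main(void)
{
    struct id_ops failing = { sim_setgid, sim_setuid_fail };
    struct id_ops working = { sim_setgid, sim_setuid_ok };
    int rc = drop_unchecked(&failing, 1000, 1000);
    printf("unchecked, setuid fails: rc=%d uid=%u\n", rc, (unsigned)sim_uid);
    rc = drop_checked(&failing, 1000, 1000);
    printf("checked, setuid fails:   rc=%d uid=%u\n", rc, (unsigned)sim_uid);
    rc = drop_checked(&working, 1000, 1000);
    printf("checked, setuid works:   rc=%d uid=%u\n", rc, (unsigned)sim_uid);
    return 0;
}
```

When `drop_checked` returns -1 the process may already have changed its group but is still root, so the only safe reaction is to abort before any user-controlled work begins.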

In addition to eliminating the vulnerability and minor bugs, the new version adds support in the ping6 utility for ICMPv6 messages that report the target host as unreachable ("destination unreachable", RFC 4443).

Source: opennet.ru
