Research teams from Forescout Research Labs and JSOF Research have published the results of a joint security study of various implementations of the compression scheme used to pack repeated names in DNS, mDNS, DHCP, and IPv6 RA messages (packing the duplicated parts of domains in messages that contain multiple names). In the course of the work, 9 vulnerabilities were identified, grouped under the code name NAME:WRECK.
The problems were found in FreeBSD, as well as in the IPnet, Nucleus NET and NetX networking subsystems, which are widespread in the VxWorks, Nucleus and ThreadX real-time operating systems used in automation devices, storage systems, medical devices, avionics, printers and consumer electronics. It is estimated that at least 100 million devices are affected by the vulnerabilities.
- The vulnerability in FreeBSD (CVE-2020-7461) made it possible to execute code by having an attacker on the same network as the victim send a specially crafted DHCP packet, whose processing by the vulnerable DHCP client led to a buffer overflow. The problem was mitigated by the fact that the dhclient process in which the vulnerability was present ran with dropped privileges in an isolated Capsicum environment, so escaping it required identifying another vulnerability.
The error stems from incorrect validation of parameters in the packet returned by the DHCP server with DHCP option 119, which allows a "domain search" list to be passed to the resolver. An incorrect calculation of the buffer size needed to hold the unpacked domain names caused attacker-controlled data to be written beyond the allocated buffer. The problem was fixed in FreeBSD back in September of last year. It can only be exploited with access to the local network.
- The vulnerability in the IPnet networking stack used in the VxWorks RTOS potentially allows code execution on the DNS client side because of incorrect handling of DNS message compression. As it turned out, this vulnerability was first identified by Exodus back in 2016, but was never fixed. A new request to Wind River also went unanswered, and devices with IPnet remain vulnerable.
- Six vulnerabilities were found in the Nucleus NET TCP/IP stack, maintained by Siemens, two of which can lead to remote code execution and four to denial of service. The first dangerous problem is related to an error in decompressing compressed DNS messages, and the second to incorrect parsing of domain name labels. Both problems result in a buffer overflow when specially crafted DNS responses are processed.
To exploit the vulnerabilities, an attacker only needs to send a specially crafted response to any legitimate request sent from a vulnerable device, for example by carrying out a MITM attack and interfering with the traffic between the DNS server and the victim. If the attacker has access to the local network, they can run a DNS server that attempts to attack the problematic devices by sending mDNS requests in broadcast mode.
- The vulnerability in the NetX network stack (Azure RTOS NetX), developed for the ThreadX RTOS and released as open source in 2019 after being taken over by Microsoft, was limited to denial of service. The problem is caused by an error in parsing compressed DNS messages in the resolver implementation.
Among the tested network stacks in which no vulnerabilities related to the compression of repeated data in DNS messages were found, the following projects were named: lwIP, Nut/Net, Zephyr, uC/TCP-IP, FreeRTOS+TCP, OpenThread and FNET. Moreover, the first two (Nut/Net and lwIP) do not support compression in DNS messages at all, while the others implement this operation without errors. In addition, it is noted that the same researchers had previously identified similar vulnerabilities in the Treck, uIP and PicoTCP stacks.
Source: opennet.ru
