Remotely exploitable vulnerability in the qmail mail server

Security researchers from Qualys have demonstrated that a vulnerability in the qmail mail server can be exploited. The vulnerability has been known since 2005 (CVE-2005-1513) but remained unpatched because the author of qmail argued that it was unrealistic to create a working exploit that could be used to attack systems in the default configuration. Qualys was able to prepare an exploit that refutes this assumption and allows remote code execution to be initiated on the server by sending a specially crafted message.

The problem is caused by an integer overflow in the stralloc_readyplus() function, which can occur when processing a very large message. Exploitation required a 64-bit system with more than 4GB of memory. When the vulnerability was originally analyzed in 2005, Daniel J. Bernstein argued that the assumption in the code that the size of an allocated array always fits within a 32-bit value is based on the fact that nobody gives gigabytes of memory to each process. Over the past 15 years, 64-bit systems have replaced 32-bit systems on servers, and the amount of memory provided and the network bandwidth have increased dramatically.
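An added illustration of this class of bug, not code from qmail or from the original article: a simplified model in which the used length and the allocated size are 32-bit counters, showing how an unchecked capacity test wraps and how a checked version refuses the append. The struct, the function names and the sample values are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model of a growable string, not qmail's source:
   len = bytes in use, a = bytes allocated, both 32-bit counters. */
struct sa_model { uint32_t len; uint32_t a; };

/* Unchecked pattern. Returns 1 when the current allocation is judged
   large enough to append n more bytes, 0 when growth would be requested. */
int fits_unchecked(const struct sa_model *sa, uint32_t n)
{
    uint32_t need = sa->len + n;      /* wraps modulo 2^32 */
    return need <= sa->a;
}

/* Checked pattern. Returns 1 if it fits, 0 if growth is needed, and
   -1 when len + n is not representable, so the caller fails the append. */
int fits_checked(const struct sa_model *sa, uint32_t n)
{
    if (n > UINT32_MAX - sa->len)
        return -1;
    return (sa->len + n) <= sa->a;
}

int main(void)
{
    /* Constructed values: a buffer holding just under 4 GiB, and an
       append that pushes the true total past 2^32. */
    struct sa_model big = { 0xFFFFFF00u, 0xFFFFFF80u };
    struct sa_model small = { 100u, 128u };

    /* True need is 0x100000100 bytes; the 32-bit sum is 0x100. */
    printf("big,   unchecked: %d\n", fits_unchecked(&big, 0x200u));
    printf("big,   checked:   %d\n", fits_checked(&big, 0x200u));
    /* Ordinary sizes: both versions agree that growth is needed. */
    printf("small, unchecked: %d\n", fits_unchecked(&small, 100u));
    printf("small, checked:   %d\n", fits_checked(&small, 100u));
    return 0;
}
```

In the unchecked case the caller would go on to copy the new bytes into a buffer that was never enlarged, which is how the integer overflow turns into a buffer overflow.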

The maintainers of the qmail package took Bernstein's note into account and limited the available memory when starting the qmail-smtpd process (for example, in Debian 10 the limit is set to 7MB). But engineers from Qualys found that this is not enough and that, in addition to qmail-smtpd, a remote attack can be carried out on the qmail-local process, which remained unrestricted in all tested packages. As proof, an exploit prototype was prepared that was suitable for attacking the Debian package with qmail in the default configuration. To organize remote code execution during the attack, the server needs 4GB of free disk space and 8GB of RAM. The exploit allows running any shell commands with the rights of any user on the system, except for root and system users that do not have their own subdirectory in the "/home" directory (the qmail-local process is started with the rights of the local user to whom delivery is made).

The attack is carried out by sending a very large mail message, including several header lines, approximately 4GB and 576MB in size. Processing such a line in qmail-local results in an integer overflow when trying to deliver the message to a local user. The integer overflow then leads to a buffer overflow when copying data and the possibility of overwriting memory pages with libc code. By manipulating the layout of the transmitted data, it is also possible to rewrite the address of the "open()" function, replacing it with the address of the "system()" function.

Next, in the process of calling qmesearch() in qmail-local, the file ".qmail-extension" is opened through the open() function, which leads to the actual execution of system(".qmail-extension"). But since the "extension" part of the file name is formed from the recipient's address (for example, "localuser-extension@localdomain"), attackers can arrange for a command to be executed by specifying the user "localuser-;command;@localdomain" as the recipient of the message.

During the code analysis, two vulnerabilities were also identified in the additional qmail-verify patch, which is part of the Debian package. The first vulnerability (CVE-2020-3811) allows bypassing email address verification, and the second (CVE-2020-3812) leads to a local information leak. In particular, the first vulnerability allows bypassing the validity check of the address used in the exploit to deliver the command (the check does not work for addresses without a domain, such as "localuser-;command;"). The second vulnerability can be used to check for the presence of files and directories on the system, including those accessible only to root (qmail-verify runs with root rights), by calling the local handler directly.

As a workaround, Bernstein recommended running qmail processes with a total limit on available memory ("softlimit -m12345678"), in which case the problem is blocked. As an alternative method of protection, limiting the maximum size of the processed message through the "control/databytes" file is also mentioned (by default it is not created, and with default settings qmail remains vulnerable). In addition, "control/databytes" does not protect against local attacks from system users, since the limit is taken into account only by qmail-smtpd.

The problem affects the netqmail package, included in the Debian repositories. A set of patches has been prepared for this package, eliminating both the old vulnerabilities from 2005 (by adding hard memory limits to the alloc() function code) and the new problems in qmail-verify. Separately, an updated version of the qmail-verify patch has been prepared. The developers of the notqmail fork prepared their own patches to block the old problems, and also began work on eliminating all possible integer overflows in the code.

Source: opennet.ru
