Exim 4.94.2 update with fixes for 10 remote vulnerabilities

The Exim 4.94.2 mail server release has been published, fixing 21 vulnerabilities (CVE-2020-28007 through CVE-2020-28026, plus CVE-2021-27216) identified by Qualys and presented under the code name 21Nails. Ten of the issues can be exploited remotely (including code execution with root privileges) by manipulating SMTP commands while interacting with the server.

All versions of Exim whose history is tracked in Git, going back to 2004, are affected. Working exploits have been prepared for 4 local and 3 remote vulnerabilities. The exploits for the local vulnerabilities (CVE-2020-28007, CVE-2020-28008, CVE-2020-28015, CVE-2020-28012) allow privileges to be escalated to the root user. Two remote issues (CVE-2020-28020, CVE-2020-28018) allow code to be executed without authentication as the exim user (after which root access can be obtained using one of the local vulnerabilities).

CVE-2020-28021 allows immediate remote code execution with root privileges, but requires authenticated access (the user must establish an authenticated session, after which they can exploit the vulnerability by manipulating the AUTH parameter of the MAIL command). The issue stems from the fact that an attacker can inject a newline into the header of a spool file, because the authenticated_sender value is written without proper escaping of special characters (for example, by sending the command "MAIL FROM:<> AUTH=Raven+0AREyes").
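The injection mechanism above can be demonstrated without Exim. The following is an added example, not Exim's own code: it decodes the xtext-encoded AUTH= parameter (RFC 3461 "+HH" escapes, so "+0A" becomes a newline), writes the decoded value into a simplified spool-style header of "-name value" option lines, and reads it back. The one-line-per-option header layout, the option names, the control-character check and the sample commands are all assumptions constructed for the illustration; only the quoted MAIL command comes from the text.

```python
import re

# Constructed sample, modelled on the command quoted in the text above;
# not captured from a real server.
SAMPLE_MAIL_CMD = "MAIL FROM:<> AUTH=Raven+0AREyes"


def xtext_decode(s: str) -> str:
    """Decode RFC 3461 xtext: '+HH' is a hex-escaped byte, everything else
    must be printable ASCII other than '='. Hex digits are accepted in either
    case here (assumption; the RFC specifies uppercase)."""
    out = []
    i = 0
    while i < len(s):
        c = s[i]
        if c == "+":
            h = s[i + 1:i + 3]
            if not re.fullmatch(r"[0-9A-Fa-f]{2}", h):
                raise ValueError("malformed xtext escape at offset %d" % i)
            out.append(chr(int(h, 16)))
            i += 3
        elif 33 <= ord(c) <= 126 and c != "=":
            out.append(c)
            i += 1
        else:
            raise ValueError("byte %r not allowed in xtext" % c)
    return "".join(out)


def parse_mail_from(cmd: str) -> dict:
    """Split 'MAIL FROM:<path> KEY=value ...' into the reverse path and
    its ESMTP parameters (keys upper-cased, values left encoded)."""
    m = re.fullmatch(r"MAIL FROM:<([^>]*)>((?:\s+[A-Za-z0-9-]+=\S*)*)\s*", cmd, re.I)
    if not m:
        raise ValueError("not a MAIL FROM command")
    params = {}
    for kv in m.group(2).split():
        key, value = kv.split("=", 1)
        params[key.upper()] = value
    return {"path": m.group(1), "params": params}


def write_spool_header_unsafe(auth_sender: str) -> str:
    """Models the pre-fix behaviour: the decoded value is written verbatim
    as one option line. The layout is a simplification of a spool header,
    not Exim's real format (assumption)."""
    return "-auth_sender " + auth_sender + "\n"


CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")


def write_spool_header_safe(auth_sender: str) -> str:
    """Hardened variant: refuse any control character (including the newline
    an xtext '+0A' produces) before the value can reach the header."""
    if CONTROL_CHARS.search(auth_sender):
        raise ValueError("control character in authenticated sender")
    return "-auth_sender " + auth_sender + "\n"


def read_spool_header(text: str) -> dict:
    """Read '-name value' option lines back the way a naive reader would;
    an attacker-supplied newline followed by '-' yields an extra option."""
    opts = {}
    for line in text.splitlines():
        if line.startswith("-"):
            name, _, value = line[1:].partition(" ")
            opts[name] = value
    return opts


def demo(cmd: str = SAMPLE_MAIL_CMD) -> dict:
    """Run one MAIL command through both writers and report what a reader
    of the unsafe header sees and whether the safe writer rejected it."""
    parsed = parse_mail_from(cmd)
    auth = xtext_decode(parsed["params"]["AUTH"])
    unsafe_view = read_spool_header(write_spool_header_unsafe(auth))
    try:
        write_spool_header_safe(auth)
        rejected = False
    except ValueError:
        rejected = True
    return {"decoded": auth, "unsafe_options": unsafe_view, "safe_rejected": rejected}


if __name__ == "__main__":
    print(demo())
    # Constructed second input: the injected line is itself an option line,
    # so the unsafe reader picks up a forged 'helo_name'.
    print(demo("MAIL FROM:<> AUTH=Raven+0A-helo_name+20injected"))
```

The quoted command decodes to "Raven", a newline and "REyes"; the second, constructed command shows why that matters: once the injected text starts with "-", the reader of the unsafe header accepts an option the client was never allowed to set. The fix shown is the conservative one, rejecting the value outright; an implementation that must preserve such values would instead have to escape the newline in a form the header reader understands.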

It is also noted that another remote vulnerability, CVE-2020-28017, is exploitable for code execution with "exim" user privileges without authentication, but requires more than 25 GB of memory. For the remaining 13 vulnerabilities exploits could also be prepared, but no work has yet been done in that direction.

The Exim developers were notified of the problems back in October of last year and spent more than 6 months developing fixes. All administrators are advised to urgently update Exim on their mail servers to version 4.94.2. All versions of Exim prior to 4.94.2 have been declared obsolete. The release of the new version was coordinated with distributions, which published package updates at the same time: Ubuntu, Arch Linux, FreeBSD, Debian, SUSE and Fedora. RHEL and CentOS are not affected, since Exim is not included in their standard package repositories (EPEL has not yet been updated).

Remote vulnerabilities:

  • CVE-2020-28017: Integer overflow in receive_add_recipient();
  • CVE-2020-28020: Integer overflow in receive_msg();
  • CVE-2020-28023: Out-of-bounds read in smtp_setup_msg();
  • CVE-2020-28021: Newline injection into the spool file header;
  • CVE-2020-28022: Out-of-bounds write and read of the allocated buffer in extract_option();
  • CVE-2020-28026: Line truncation and injection in spool_read_header();
  • CVE-2020-28019: Failure to reset a function pointer after a BDAT error;
  • CVE-2020-28024: Heap buffer underflow in smtp_ungetc();
  • CVE-2020-28018: Use-after-free in tls-openssl.c;
  • CVE-2020-28025: Out-of-bounds read in pdkim_finish_bodyhash().

Local vulnerabilities:

  • CVE-2020-28007: Symbolic link attack in the Exim log directory;
  • CVE-2020-28008: Attacks in the spool directory;
  • CVE-2020-28014: Arbitrary file creation;
  • CVE-2021-27216: Arbitrary file deletion;
  • CVE-2020-28011: Heap buffer overflow in queue_run();
  • CVE-2020-28010: Out-of-bounds write in main();
  • CVE-2020-28013: Heap buffer overflow in parse_fix_phrase();
  • CVE-2020-28016: Out-of-bounds write in parse_fix_phrase();
  • CVE-2020-28015: Newline injection into the spool file header;
  • CVE-2020-28012: Missing close-on-exec flag on a privileged unnamed pipe;
  • CVE-2020-28009: Integer overflow in get_stdinput().

Source: opennet.ru