Ripple20, a series of vulnerabilities in Treck's TCP/IP stack that affect a wide range of devices

News recently spread that about 19 vulnerabilities have been found in Treck's proprietary TCP/IP stack, which can be exploited by sending specially crafted packets.

The vulnerabilities were given the code name Ripple20, and some of them also appear in Zuken Elmic's (Elmic Systems) KASAGO TCP/IP stack, which shares a common origin with Treck.

What is worrying about this list of vulnerabilities is that the Treck TCP/IP stack is used in many industrial, medical, communications, embedded and consumer devices (from smart lamps to printers and uninterruptible power supplies), as well as in energy, transport, aviation, commercial and oil production equipment.

About the vulnerabilities

Notable targets for attacks via the Treck TCP/IP stack include HP printers and Intel chips.

Problems in the Treck TCP/IP stack also turned out to be the cause of the recent remote vulnerabilities in the Intel AMT and ISM subsystems, which could be exploited by sending a network packet.

Intel, HP, Hewlett Packard Enterprise, Baxter, Caterpillar, Digi, Rockwell Automation and Schneider Electric have confirmed the vulnerabilities. Apart from 66 other manufacturers whose products use the Treck TCP/IP stack and who have not yet responded to the issues, 5 manufacturers, including AMD, have announced that their products are not affected.

Problems were found in the implementations of the IPv4, IPv6, UDP, DNS, DHCP, TCP, ICMPv4 and ARP protocols. They are caused by incorrect handling of data-size parameters (using a size field without checking the actual size of the data), errors in validating input data, double frees of memory, reads from outside a buffer, integer overflows, incorrect access control, and string handling problems with the null terminator.
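The first defect class in that list, a length field taken from the wire and never checked against the number of bytes actually received, is the one behind most memory-corruption bugs in packet parsers. The following is an added example written for this article, not Treck or Ripple20 code: it uses a constructed record format (1 byte type, 1 byte declared length, then that many payload bytes, an assumption for the example) and shows the vulnerable shape of the parser next to a bounds-checked one that carries the remaining byte count forward across a whole datagram.

```c
/* Added example (not Treck or Ripple20 code): the "size field trusted without
 * checking the received size" defect class, on a constructed record format,
 * beside a bounds-checked parser. Record layout (assumed for the example):
 * 1 byte type, 1 byte declared length, then that many payload bytes. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define PAYLOAD_MAX 16

/* Vulnerable shape: the length on the wire drives memcpy; the number of bytes
 * actually received is ignored. A record declaring length 200 but carrying
 * 2 bytes reads past the received data and writes past a 16-byte `out`. */
int parse_record_unchecked(const uint8_t *pkt, size_t pkt_len, uint8_t *out)
{
    (void)pkt_len;                 /* the defect: received size never consulted */
    uint8_t len = pkt[1];
    memcpy(out, pkt + 2, len);
    return len;
}

/* Hardened shape: the declared length must fit inside the bytes received
 * and inside the destination. Returns the payload length, or a negative code. */
int parse_record_checked(const uint8_t *pkt, size_t pkt_len,
                         uint8_t *out, size_t out_cap)
{
    if (pkt_len < 2)          return -1;  /* no room for the 2-byte header */
    size_t len = pkt[1];
    if (len > pkt_len - 2)    return -2;  /* declared length exceeds received bytes */
    if (len > out_cap)        return -3;  /* would overflow the destination buffer */
    memcpy(out, pkt + 2, len);
    return (int)len;
}

/* Walks a datagram record by record with the checked parser, carrying the
 * remaining byte count forward. Returns records parsed, or the first error. */
int count_records_checked(const uint8_t *pkt, size_t pkt_len)
{
    uint8_t scratch[PAYLOAD_MAX];
    size_t off = 0;
    int n = 0;
    while (off < pkt_len) {
        int r = parse_record_checked(pkt + off, pkt_len - off, scratch, sizeof scratch);
        if (r < 0) return r;
        off += 2 + (size_t)r;
        n++;
    }
    return n;
}

/* Constructed sample datagrams. */
static const uint8_t SAMPLE_WELL_FORMED[] = { 0x01, 3, 'a', 'b', 'c',  0x02, 0,  0x03, 1, 'z' };
static const uint8_t SAMPLE_LYING_LENGTH[] = { 0x01, 200, 'a', 'b' };  /* claims 200, carries 2 */
static const uint8_t SAMPLE_TOO_BIG[] = { 0x01, 20,                    /* honest, but 20 > PAYLOAD_MAX */
    0,0,0,0,0, 0,0,0,0,0, 0,0,0,0,0, 0,0,0,0,0 };

int main(void)
{
    printf("well-formed : %d records\n", count_records_checked(SAMPLE_WELL_FORMED, sizeof SAMPLE_WELL_FORMED));
    printf("lying length: code %d\n",    count_records_checked(SAMPLE_LYING_LENGTH, sizeof SAMPLE_LYING_LENGTH));
    printf("oversize    : code %d\n",    count_records_checked(SAMPLE_TOO_BIG, sizeof SAMPLE_TOO_BIG));
    /* parse_record_unchecked is deliberately never fed SAMPLE_LYING_LENGTH:
     * doing so is exactly the out-of-bounds read and write described above. */
    return 0;
}
```

The two checks in the hardened parser are independent: the first protects the read side (the declared length must not reach past what arrived), the second protects the write side (it must not exceed the destination). Dropping either one recreates a bug of the kind the article lists.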

The impact of these vulnerabilities varies because of the combination of build-time and runtime options used when developing each embedded system. This diversity of implementations, together with the lack of visibility in the supply chain, has made assessing the impact of these vulnerabilities much harder.

In short, an unauthenticated remote attacker could use specially crafted network packets to cause a denial of service, disclose information, or execute arbitrary code.

The two most dangerous issues (CVE-2020-11896, CVE-2020-11897), which were assigned a CVSS score of 10, allow an attacker to execute their code on the device by sending IPv4/UDP or IPv6 packets in a particular way.

The first critical issue appears on devices with support for IPv4 tunnels, and the second on IPv6-enabled versions released before June 4, 2009. Another critical vulnerability (CVSS 9) is present in the DNS resolver (CVE-2020-11901) and allows code to be run by submitting a specially crafted DNS request (this issue was used to demonstrate the hack of a Schneider Electric APC UPS and appears on devices with DNS support).

Other vulnerabilities (CVE-2020-11898, CVE-2020-11899, CVE-2020-11902, CVE-2020-11903, CVE-2020-11905) allow the contents of system memory areas to be learned by sending specially crafted IPv4/ICMPv4, IPv6OverIPv4, DHCP, DHCPv6 or IPv6 packets. The remaining issues can lead to a denial of service or a leak of residual data from system buffers.

Most of the vulnerabilities were fixed in the Treck 6.0.1.67 release (CVE-2020-11897 was fixed in 5.0.1.35, CVE-2020-11900 in 6.0.1.41, CVE-2020-11903 in 6.0.1.28, CVE-2020-11908 in 4.7.1.27).

Since preparing firmware updates for specific devices can be time-consuming or impossible, and the Treck stack has been shipped for more than 20 years, many devices have been left unmaintained or are difficult to update.

Administrators are advised to isolate the affected devices and to configure normalization or blocking of fragmented packets in packet inspection systems, firewalls or routers; block IP tunnels (IPv6-in-IPv4 and IP-in-IP); block "source routing"; enable checking of invalid options in TCP packets; and block unused ICMP control messages (MTU Update and Address Mask).
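The recommendations above translate into a small filter policy. As an added example written for this article (not code from the article, Treck, or any vendor), the classifier below takes a raw IPv4 header and returns why the recommended policy would drop it: fragments, IP-in-IP and IPv6-in-IPv4 tunnels, loose or strict source-route options, and the ICMP address-mask messages. It uses the standard IANA protocol, option and ICMP numbers; mapping the article's "MTU Update" to ICMP type 3 code 4 (Fragmentation Needed) is an assumption. The sample headers are constructed, with checksums left at zero.

```c
/* Added example (not Treck or any vendor's code): a classifier that applies
 * the article's mitigation list to a raw IPv4 header and reports why a
 * packet would be dropped. Protocol, option and ICMP numbers are the
 * standard IANA values; treating ICMP type 3 code 4 as the "MTU update"
 * message is an assumption for this example. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

enum verdict {
    PASS = 0,
    DROP_MALFORMED,      /* header does not fit inside what was received */
    DROP_FRAGMENT,       /* MF flag set or non-zero fragment offset */
    DROP_TUNNEL,         /* IP-in-IP (protocol 4) or IPv6-in-IPv4 (protocol 41) */
    DROP_SOURCE_ROUTE,   /* LSRR (131) or SSRR (137) option present */
    DROP_ICMP_CONTROL    /* address mask (17/18) or fragmentation needed (3/4) */
};

enum verdict classify_ipv4(const uint8_t *p, size_t n)
{
    if (n < 20 || (p[0] >> 4) != 4) return DROP_MALFORMED;
    size_t ihl = (size_t)(p[0] & 0x0f) * 4;
    if (ihl < 20 || ihl > n) return DROP_MALFORMED;   /* IHL must fit the received bytes */

    uint16_t frag = (uint16_t)((p[6] << 8) | p[7]);
    if ((frag & 0x2000) || (frag & 0x1fff)) return DROP_FRAGMENT;

    uint8_t proto = p[9];
    if (proto == 4 || proto == 41) return DROP_TUNNEL;

    /* Walk the options area (bytes 20..ihl), bounds-checking each option length. */
    size_t off = 20;
    while (off < ihl) {
        uint8_t type = p[off];
        if (type == 0) break;                        /* End of Option List */
        if (type == 1) { off++; continue; }          /* No Operation, single byte */
        if (off + 1 >= ihl) return DROP_MALFORMED;   /* length byte missing */
        uint8_t len = p[off + 1];
        if (len < 2 || off + len > ihl) return DROP_MALFORMED;
        if (type == 131 || type == 137) return DROP_SOURCE_ROUTE;
        off += len;
    }

    if (proto == 1) {                                /* ICMP: inspect type and code */
        if (n < ihl + 2) return DROP_MALFORMED;
        uint8_t type = p[ihl], code = p[ihl + 1];
        if (type == 17 || type == 18) return DROP_ICMP_CONTROL;
        if (type == 3 && code == 4) return DROP_ICMP_CONTROL;
    }
    return PASS;
}

/* Constructed sample headers (checksums left zero; they are not validated here). */
static const uint8_t PKT_TCP[20]        = {0x45,0,0,0x28, 0,1, 0x40,0, 64,6,  0,0, 10,0,0,1, 10,0,0,2};
static const uint8_t PKT_V6_IN_V4[20]   = {0x45,0,0,0x28, 0,1, 0x40,0, 64,41, 0,0, 10,0,0,1, 10,0,0,2};
static const uint8_t PKT_MORE_FRAGS[20] = {0x45,0,0,0x28, 0,1, 0x20,0, 64,6,  0,0, 10,0,0,1, 10,0,0,2};
static const uint8_t PKT_LSRR[24]       = {0x46,0,0,0x2c, 0,1, 0x40,0, 64,6,  0,0, 10,0,0,1, 10,0,0,2, 131,3,4,0};
static const uint8_t PKT_MASK_REQ[28]   = {0x45,0,0,0x1c, 0,1, 0x40,0, 64,1,  0,0, 10,0,0,1, 10,0,0,2, 17,0,0,0, 0,0,0,0};
static const uint8_t PKT_IHL_LIES[20]   = {0x4f,0,0,0x28, 0,1, 0x40,0, 64,6,  0,0, 10,0,0,1, 10,0,0,2}; /* IHL claims 60 bytes */

int main(void)
{
    static const char *names[] = {"PASS", "DROP_MALFORMED", "DROP_FRAGMENT",
                                  "DROP_TUNNEL", "DROP_SOURCE_ROUTE", "DROP_ICMP_CONTROL"};
    printf("plain TCP     : %s\n", names[classify_ipv4(PKT_TCP, sizeof PKT_TCP)]);
    printf("IPv6-in-IPv4  : %s\n", names[classify_ipv4(PKT_V6_IN_V4, sizeof PKT_V6_IN_V4)]);
    printf("fragment      : %s\n", names[classify_ipv4(PKT_MORE_FRAGS, sizeof PKT_MORE_FRAGS)]);
    printf("source route  : %s\n", names[classify_ipv4(PKT_LSRR, sizeof PKT_LSRR)]);
    printf("ICMP mask req : %s\n", names[classify_ipv4(PKT_MASK_REQ, sizeof PKT_MASK_REQ)]);
    printf("IHL too large : %s\n", names[classify_ipv4(PKT_IHL_LIES, sizeof PKT_IHL_LIES)]);
    return 0;
}
```

The same policy is what the article asks for in firewalls and routers; the point of writing it out is that every field the filter reads (IHL, option length, ICMP type) is itself checked against the received length first, so the filter cannot be tripped by the same malformed-length packets it is meant to keep away from the Treck stack.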



  1. manolin

    I was just mining when my PC crashed, or so they told me. Can I fix it myself, or should I take it to a laptop repair shop?