Vulnerability discovered that affects more than ten thousand VPN servers

Recently, a group of researchers disclosed a vulnerability with a severity score of 9.8 out of 10, after allowing a one-year grace period before publishing the details.

It is reported that around 10,000 corporate servers using the affected VPN are exposed.

Close to ten thousand corporate servers running the Palo Alto Networks GlobalProtect VPN were shown to be vulnerable to a buffer overflow bug that was fixed only twelve months after its discovery.

The vulnerability, tracked as CVE-2021-3064, is rated 9.8 out of 10 and occurs when user-supplied input is copied into a fixed-length location on the stack.

The proof-of-concept exploit developed by Randori researchers shows how serious the resulting damage could be.

"This vulnerability affects our firewalls using GlobalProtect VPN and allows unauthenticated remote code execution on vulnerable installations of the product. CVE-2021-3064 affects various versions of PAN-OS 8.1 prior to 8.1.17, and we found numerous vulnerable instances exposed on Internet-connected assets, more than ten thousand assets," Randori said.

Independent researcher Kevin Beaumont said that his Shodan investigation indicates that roughly half of all GlobalProtect instances seen by Shodan were vulnerable.

The overflow occurs when the software copies user input into a fixed-length location on the stack.

I do not know whether the buggy code can be reached without using what is known as HTTP smuggling, an exploitation technique that interferes with the way a website processes sequences of HTTP requests.

The vulnerability appears when the front-end and back-end web servers interpret the boundaries of an HTTP request differently and the mismatch desynchronizes them. Combining these two issues allows remote code execution with the privileges of the affected component on the firewall device.
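To make the request-boundary disagreement concrete, here is an added example (not Randori's or Palo Alto Networks' code) of the check a front-end proxy can apply before forwarding a request: it flags request heads whose body length is ambiguous, which is the condition request smuggling relies on. The sample requests and the hostname vpn.example are constructed.

```python
"""Flag HTTP request heads that a front-end and a back-end server could
frame differently: the ambiguity request smuggling relies on.
Added example, not Randori's or Palo Alto Networks' code; the sample
requests below are constructed."""
from typing import List, Tuple


def parse_head(raw: bytes) -> List[Tuple[str, str]]:
    """Return (raw_name, value) pairs from the header block.
    Names keep their original spelling so spacing tricks stay visible."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    pairs = []
    for line in head.split("\r\n")[1:]:  # skip the request line
        if ":" in line:
            name, value = line.split(":", 1)
            pairs.append((name, value.strip()))
    return pairs


def smuggling_risks(raw: bytes) -> List[str]:
    """Reasons a request is ambiguous under RFC 7230 message framing.
    An empty list means there is exactly one unambiguous body length."""
    headers = parse_head(raw)
    risks = []
    cl = [v for n, v in headers if n.strip().lower() == "content-length"]
    te = [v for n, v in headers if n.strip().lower() == "transfer-encoding"]
    if cl and te:
        risks.append("Content-Length and Transfer-Encoding both present")
    if len(set(cl)) > 1:
        risks.append("conflicting Content-Length values")
    if any(not v.isdigit() for v in cl):
        risks.append("non-numeric Content-Length")
    if any(v.lower() != "chunked" for v in te):
        risks.append("non-standard Transfer-Encoding value")
    if any(n != n.strip() for n, _ in headers):
        risks.append("whitespace around a header name (parsers may disagree)")
    return risks


# Constructed samples: one clean request, one with two competing length headers.
CLEAN = (b"POST /login HTTP/1.1\r\nHost: vpn.example\r\n"
         b"Content-Length: 5\r\n\r\nhello")
AMBIGUOUS = (b"POST /login HTTP/1.1\r\nHost: vpn.example\r\n"
             b"Content-Length: 4\r\nTransfer-Encoding: chunked\r\n\r\n0\r\n\r\n")

if __name__ == "__main__":
    for label, req in (("clean", CLEAN), ("ambiguous", AMBIGUOUS)):
        print(label, smuggling_risks(req) or "ok")
```

A front-end that rejects any request returning a non-empty list gives the back-end nothing to misinterpret, regardless of which framing rule the back-end prefers.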

Below are the key findings from the discovery and research:

  • The vulnerability chain consists of a method for bypassing validation by the external web server (HTTP smuggling) and a stack-based buffer overflow.
  • It affects Palo Alto firewalls running the PAN-OS 8.1 series with GlobalProtect enabled (specifically versions < 8.1.17).
  • Exploitation of the vulnerability chain has been shown to allow remote code execution on both physical and virtual firewall products.

There is currently no public exploit code.

Patches are available from the vendor.

PAN Threat Prevention signatures are also available (IDs 91820 and 91855) to block exploitation of this issue.

To exploit this vulnerability, an attacker must have network access to the device on the GlobalProtect service port (port 443 by default). Since the affected product is a VPN portal, this port is often reachable from the Internet. On devices with address space layout randomization (ASLR) enabled (which appears to be the case for most hardware appliances), exploitation is difficult but possible.

On virtualized devices (VM-series firewalls), exploitation is considerably easier because ASLR is absent, and Randori expects public exploits to appear.

Randori researchers did not exploit the buffer overflow to achieve controlled code execution on certain hardware appliance versions with MIPS-based management-plane CPUs because of their big-endian architecture, although the overflow is reachable on these devices and can be exploited to degrade the availability of the service.

Randori recommends that affected organizations apply the fixes provided by PAN. In addition, PAN has released signatures that can be enabled to prevent exploitation while organizations plan the software update.

For organizations that do not use the VPN capability as part of the firewall, we recommend disabling GlobalProtect.

Finally, if you want to know more about it, you can consult the details in the following link.
