A vulnerability affecting more than 10,000 VPN servers has been identified

A group of researchers recently disclosed a vulnerability with a severity rating of 9.8 out of 10, after giving the vendor a one-year grace period before publishing the information.

Roughly 10,000 corporate servers are reported to use the affected VPN.

About 10,000 corporate servers running Palo Alto Networks GlobalProtect VPN have been shown to be vulnerable to a buffer overflow bug that was fixed only 12 months after it was discovered.

The vulnerability, tracked as CVE-2021-3064, is rated 9.8 out of 10 and occurs when user-supplied input is scanned into a fixed-length location on the stack.

A proof-of-concept exploit developed by Randori researchers demonstrates the considerable damage that could result.

"This vulnerability affects our firewalls using GlobalProtect VPN and allows unauthenticated remote code execution on vulnerable installations of the product. CVE-2021-3064 affects various versions of PAN-OS 8.1 prior to 8.1.17, and we have found numerous vulnerable instances exposed on Internet-connected assets, more than 10,000 assets," said Randori.

Independent researcher Kevin Beaumont said that Shodan research he carried out indicates that about half of all GlobalProtect instances seen by Shodan were vulnerable.

The overflow occurs when the software parses user input into a fixed-length location on the stack.

It is not clear that the buggy code can be reached from outside without using what is known as HTTP smuggling, an exploitation technique that interferes with the way a website processes streams of HTTP requests.

The vulnerability arises when the front end and the back end of a website interpret the boundaries of an HTTP request differently, and the error causes them to fall out of sync. Combining the two issues allows remote code execution with the privileges of the affected component on the firewall device.
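The front-end/back-end disagreement described above, shown as an added example that is not code from the article, Randori or Palo Alto Networks: two framing parsers compute different body lengths for the same constructed request bytes, and a strict check rejects such ambiguously framed requests outright, which is what a defender wants a proxy or WAF to do. The request path and host are placeholders.

```python
# Added example: how a Content-Length parser and a chunked Transfer-Encoding
# parser disagree on where one HTTP request ends, plus a strict framing check.
# The sample request below is constructed for this example.

def parse_headers(raw: bytes):
    """Split a raw HTTP/1.1 request into (lower-cased header dict, body bytes)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    headers = {}
    for line in head.split(b"\r\n")[1:]:          # skip the request line
        name, _, value = line.partition(b":")
        headers[name.strip().lower()] = value.strip()
    return headers, body

def body_length_cl(raw: bytes) -> int:
    """Body length as seen by a parser that honours Content-Length only."""
    headers, _ = parse_headers(raw)
    return int(headers.get(b"content-length", b"0"))

def body_length_te(raw: bytes) -> int:
    """Body length as seen by a parser that honours chunked Transfer-Encoding."""
    headers, body = parse_headers(raw)
    if headers.get(b"transfer-encoding", b"").lower() != b"chunked":
        return int(headers.get(b"content-length", b"0"))
    consumed = 0
    while True:
        line_end = body.index(b"\r\n", consumed)
        size = int(body[consumed:line_end].split(b";")[0], 16)
        consumed = line_end + 2 + size + 2        # size line, data, trailing CRLF
        if size == 0:                             # terminating zero-size chunk
            return consumed

def is_ambiguously_framed(raw: bytes) -> bool:
    """True when both framing headers are present. A strict server or proxy
    should reject such a request instead of guessing which header wins."""
    headers, _ = parse_headers(raw)
    return b"content-length" in headers and b"transfer-encoding" in headers

# Constructed request: Content-Length covers all 8 body bytes, but the chunked
# parser stops after the 5-byte terminating chunk, leaving "XYZ" to be read as
# the start of the *next* request by whichever side used chunked framing.
CONSTRUCTED_REQUEST = (
    b"POST /login HTTP/1.1\r\n"
    b"Host: vpn.example.test\r\n"                  # placeholder host
    b"Content-Length: 8\r\n"
    b"Transfer-Encoding: chunked\r\n"
    b"\r\n"
    b"0\r\n\r\nXYZ"
)
```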

The main findings of the discovery and investigation are as follows:

  • The vulnerability chain consists of a method to bypass validation by an external web server (HTTP smuggling) and a stack-based buffer overflow.
  • It affects Palo Alto firewalls running the PAN-OS 8.1 series with GlobalProtect enabled (specifically versions < 8.1.17).
  • Exploitation of the vulnerability chain has been shown to allow remote code execution on both physical and virtual firewall products.

No public exploit code is currently available.

Patches are available from the vendor.

PAN Threat Prevention signatures are also available (IDs 91820 and 91855) to block exploitation of this issue.

To exploit this vulnerability, an attacker must have network access to the device on the GlobalProtect service port (port 443 by default). Because the affected product is a VPN portal, this port is often reachable from the Internet. On devices with address space layout randomization (ASLR) enabled (which appears to be the case for most hardware devices), exploitation is difficult but possible.

On virtualized devices (VM-series firewalls), exploitation is considerably easier because ASLR is absent, and Randori expects public exploits to emerge.

Randori's researchers did not exploit the buffer overflow to achieve controlled code execution on certain hardware device versions with MIPS-based management plane CPUs, owing to their big-endian architecture, although the overflow is reachable on these devices and can affect the availability of services.

Randori recommends that affected organizations apply the fixes provided by PAN. In addition, PAN has made signatures available that can be enabled to prevent exploitation while organizations plan their software update.

For organizations that do not use the VPN feature as part of the firewall, disabling GlobalProtect is recommended.

Finally, if you are interested in learning more, you can consult the details at the following link.
