Drošības ievainojamība OpenSSL bibliotēkā

Drošība Valodas: Latviešu valoda

heartbleedPētnieku grupa tikko atklājusi būtisku ievainojamību OpenSSL bibliotēku versijās 1.0.1, 1.0.1a-1.0.1.f un 1.0.2-beta.

Ievainojamība ietekmē pamatā tīmekļa serverus (t.sk. Apache un nginx) un balstās uz nepilnību TLS “heartbeat” paplašinājumā, kas paredzēts, lai nodrošinātu savienojumu noturību udp protokolā. Taču šis paplašinājums ir universāls un darbojas gan DTLS (udp), gan TLS (tcp) variantos.

Nu un? Ievainojamība ļauj jebkuram uzbrucējam iegūt līdz pat 65,5KB servera atmiņas. Atrast atmiņā kaut ko konkrētu, piemēram, servera atslēgu, ir laimes spēle, taču ar gana daudz mēģinājumiem… viss ir iespējams.

Trīs papildus faktori padara šo problēmu īpaši nepatīkamu:

  • OpenSSL (un tieši ievainojamās versijas) izmanto populārākie tīmekļa serveri;
  • uzbrukums notiek pēc tam, kad nodibināts droši šifrēts savienojums, tāpēc ir apgrūtināta uzbrukuma apturēšana tīkla līmenī;
  • esošā serveru programmatūra nekādā veidā nefiksē izdevušos uzbrukumu, tātad pēc tā nepaliek nekādas pēdas.

Šonakt esam izstrādājuši tīmekļa bāzētu rīku, kas ļaus novērtēt, vai Jūsu serverus ietekmē konkrētā ievainojamība. Neatkarīgi no pārbaudes rezultāta, iesakām visiem atjaunot OpenSSL bibliotēkas uz vismaz versiju 1.0.1g un pārliecināties, ka servera programmatūra izmanto šīs bibliotēkas jaunākās versijas.

Piedāvājam iepazīties ar ievainojamības tehnisko aprakstu.

137 thoughts on “Drošības ievainojamība OpenSSL bibliotēkā

  1. Pingback: generic priligy soft
  2. Pingback: atrovent hfa inhaler coupons
  3. Pingback: cost of zithromax medicine
  4. Pingback: hydroxychloroquine and weight loss
  5. Pingback: hydroxychloroquine price
  6. Pingback: tadalafil black
  7. Pingback: hydroxychloroquine sulfate price
  8. Pingback: hydroxychloroquine for squirrel mange
  9. Pingback: 500 mg ciprofloxacin hcl
  10. Pingback: hydroxychloroquine clinical test results
  11. Pingback: cons of keto diet
  12. Pingback: generic viagra over the counter canada
  13. Pingback: is ivermectil the same as revatio
  14. Pingback: azithromycin dosage for children
  15. Pingback: priligy withdrawal time
  16. Pingback: how to take aurogra for best results
  17. Pingback: stromectol red and black capsule
  18. Pingback: hydroxychloroquineailen 200 mg plaquenil
  19. Pingback: amoxicillin withdrawal symptoms
  20. Pingback: kamagra 20 mg tablet generic
  21. Pingback: is 40 mg tadalafil dangerous
  22. Pingback: stromectol for spider bite
  23. Pingback: shingless for asthma deltasone
  24. Pingback: stromectol for gastroenteritis
  25. Pingback: will ivermectin kill adult heartworms
  26. Pingback: gay speed dating nj
  27. Pingback: ivermectin 6 mg and pregnancy
  28. Pingback: ivermectin dose for heartworm treatment
  29. Pingback: ivermectin for humans lice
  30. Pingback: ivermectin for humans ebay
  31. Pingback: amoxicillin used for what diseases
  32. Pingback: cialis no prescrition
  33. Pingback: stromectol drug
  34. Pingback: ivermectin for acne
  35. Pingback: is there shortage of hydroxychloroquine
  36. Pingback: clomiphene 50mg tablets
  37. Pingback: prednisone 20 mg prescription
  38. Pingback: is ivermectin used to treat scabies
  39. Pingback: ivermectin drug insert
  40. Pingback: is ivermectin safe for humans
  41. Pingback: oral ivermectin
  42. Pingback: price for sildenafil 20 mg
  43. Pingback: price of viagra 100mg in usa
  44. Pingback: pharmaceutical cost in usa
  45. Pingback: cialis online prescription
  46. Pingback: gnc mens viagra
  47. Pingback: hydroxychloroquine 200 mg for sale
  48. Pingback: stromectol over the counter for sale
  49. Pingback: viagra alternatives over counter
  50. Pingback: can i buy viagra over the counter uk
  51. Pingback: zovirax coupons printable
  52. Pingback: ivermectin 4 mg
  53. Pingback: generic lumigan
  54. Pingback: baricitinib cost
  55. Pingback: lumigan drops
  56. Pingback: baricitinib acr 20
  57. Pingback: buy clomid 50mg
  58. Pingback: Anonīms
  59. Pingback: tizanidine buy
  60. Pingback: Anonīms
  61. Pingback: ivermectin tablets for sale
  62. Pingback: ivermectin in canada
  63. Pingback: stromectol for sale
  64. Pingback: ignition casino legal in california
  65. Pingback: stromectol price
  66. Pingback: cost prednisone 40mg
  67. Pingback: comprar cialis
  68. Pingback: buy generic tadalafil
  69. Pingback: stromectol pills
  70. Pingback: ivermectin price usa
  71. Pingback: viagra cheap online no prescription
  72. Pingback: tadalafil canadian pharmacy
  73. Pingback: viagra for sale online usa
  74. Pingback: ivermectin 3mg tablet
  75. Pingback: tadalafil prix
  76. Pingback: cialis dose
  77. Pingback: sildenafil tablets for men
  78. Pingback: tadalafil uk prescription
  79. Pingback: canadian generic cialis online
  80. Pingback: ivermectin tablets walmart
  81. Pingback: sildenafil citrate tablets
  82. Pingback: sildenafil tablets australia
  83. Pingback: cialis tadalafil
  84. Pingback: cialis tabletas
  85. Pingback: where can i get cialis over the counter
  86. Pingback: side effects of prednisone 20mg
  87. Pingback: what is prednisone 20mg tablet for
  88. Pingback: antiviral for covid
  89. Pingback: cialis prescription australia
  90. Pingback: cialis online pharmacy
  91. Pingback: cialis super active
  92. Pingback: where to buy ivermectin cream
  93. Pingback: side effects of prednisone in humans
  94. Pingback: viagra canada discount
  95. Pingback: cialis pills
  96. Pingback: best online casino
  97. Pingback: cialis walmart
  98. Pingback: ivermectin for people
  99. Pingback: buy ivermectin nz
  100. Pingback: ivermectin for humans dosage
  101. Pingback: online gambling for money
  102. Pingback: tadalafil and dapoxetine
  103. Pingback: tadalafil and dapoxetine
  104. Pingback: doxazosin viagra
  105. Pingback: generic cialis
  106. Pingback: ivermectin tablets over counter
  107. Pingback: flccc ivermectin
  108. Pingback: ivermectin 4000
  109. Pingback: stromectol tablets
  110. Pingback: cialis pills
  111. Pingback: stromectol ivermectin tablets
  112. Pingback: ivermectin tablets for humans
  113. Pingback: furosemide 20 mg canada
  114. Pingback: furosemide mexico
  115. Pingback: stromectol 5 mg
  116. Pingback: can you buy stromectol over the counter
  117. Pingback: ivermectin for worms in humans
  118. Pingback: stromectol online canada
  119. Pingback: stromectol medicine
  120. Pingback: lucky land slots free sweeps cash
  121. Pingback: where can you buy ivermectin
  122. Pingback: how much does ivermectin cost
  123. Pingback: molnupiravir vs ivermectin
  124. Pingback: ivermectin buy
  125. Pingback: ivermectin price
  126. Pingback: ivermectin ken
  127. Pingback: ivermectin for pigs
  128. Pingback: ivermectin cream 5%
  129. Pingback: how much is generic cialis at walmart
  130. Pingback: stromectol ivermectin
  131. Pingback: ivermectine buy
  132. Pingback: buy stromectol pills
  133. Pingback: stromectol coronavirus
  134. Pingback: 2browsers
  135. Pingback: ivermectin 3 mg tabs
  136. Pingback: buy propecia online in canada
  137. Pingback: buy propecia chemist warehouse

Atbildēt

Jūsu e-pasta adrese netiks publicēta. Obligātie lauki ir atzīmēti kā *