An gano yanayin rauni wanda ya shafi Libreoffice da OpenOffice

Darkcrizt

4 minti

Vulnerabildiad kayan aiki

Kwanan nan bayani game da yanayin rauni (CVE-2018-16858) wanda abin ya shafa LibreOffice da Apache OpenOffice dakunan ofis a cikin abin da yake amfanuwa da cewa eWaɗannan suna ba da izinin aiwatar da lamba a cikin tsarin yayin buɗe takaddun da aka bayar musamman ta hanyar ODT.

Gano sAn aiwatar dashi akan Windows, kodayake wannan amfani kuma yana shafar Linux, mutumin da ya ba da rahoton wannan yanayin rashin lafiyar ya lura cewa waɗannan rukunin ɗakunan sun dace da rubutun kuma Basic, BeanShell, Java, JavaScript da Python suna dacewa.

Menene wannan yanayin rashin lafiyar ya dogara?

Yana da mahimmanci a ambaci cewa duk da cewa matsala ce da aka gano tun bara, haka kuma an aiwatar da maganin a cikin makonni biyu kawai.

Don dalilai na tsari ga mutumin da ya gano wannan (zaku iya bincika fitowar sa anan) an umurce shi da ya yi rahoton har zuwa kwanan nan.

Matsalar ta samo asali ne saboda rashin wadataccen bincike a cikin lambar sarrafa macro da aka saka a cikin takaddar, wanda abubuwa daban-daban zasu iya haifar dashi, kamar linzamin kwamfuta da yake nuna wani element.

Lokacin amfani da haruffa "../" a cikin hanyar zuwa mai sarrafawa, mai kai hari zai iya wuce bayanan kundayen tushe tare da rubutun (/ share / Scripts / python da / mai amfani / Scripts / python) da aiwatar da aiki ba bisa ƙa'ida ba daga rubutun Python da ke akwai lokacin da abin ya faru.

Mai kai hari yana amfani da wannan kuma don aiwatar da lambarka yana amfani da aikin rubutun pydoc.py da ke cikin yawancin rarrabawa (wanda aka haɗa a cikin LibreOffice don kunshin Windows - python-core-3.5.5 \ lib \ pydoc.py).

Wannan yana bayyana aikin tempfilepager() wanda ke kulawa da gudanar da kowane fayil wanda za'a iya aiwatarwa tare da dalilai na rashin yarda ta kiran aikin os.system().

Misali, don gudanar da kalkuleta lokacin da kake gungura hanyar haɗi zuwa takamaiman yanki a cikin takaddar, kawai haɗa rubutun vnd.sun.star.script:../../lib/python3.5/pydoc.py$ ga mai kula da taron "dom: mouseover" kawai haɗa rubutun zuwa "vnd.sun.star.script:../../lib/python3.5/pydoc.py$tempfilepager(1, gnome-calculator )?language=Python&location=share".

Zamu iya ganin wannan a cikin bidiyo mai zuwa:

An gano yanayin raunin kuma an ba da rahoto a shekarar da ta gabata kuma an cire shi a cikin sifofin LibreOffice 6.0.7 da 6.1.3.

Duk da yake a cikin halin yanzu na Apache OpenOffice 4.1.6, matsalarya zauna Ba a gyara ba

Dama akwai mafita

A matsayin mafita don toshe rauni a cikin OpenOffice, ana ba da shawarar ka share fayil ɗin pythonscript.py na kundin aikace-aikacen cewa ana iya samun wannan a hanyar da ke tafe "/opt/openoffice4/program/pythonscript.py".

Ban da shi matsalar bata daidaita ba har yanzu akan Debian Jessie, Ubuntu 16.04, SUSE da openSUSE.

A gefe guda RHEL, CentOS da Ubuntu 18.04 da Ubuntu 18.10 wannan matsalar ba ta shafe su ba.

A cikin OpenOffice da LibreOffice har zuwa ciki har da sigar 6.0, amfani da yanayin rashin lafiyar ya iyakance ga aiwatar da rubutun Python na cikin gida kasancewa saboda rashin tallafi don ƙaddamar da muhawara zuwa ayyukan da ake kira daga macros.

Don kai farmaki ga OpenOffice da sigogin farko na LibreOffice, mai kawo hari dole ne ya amintar da wurin rubutun Python, misali ta hanyar rarraba shi a cikin fayil na ZIP tare da takaddar ODT.

Lokacin da LibreOffice 6.1.x yakai hari, zaku iya amfani da rubutun tsarin pydoc.py don aiwatar da fayiloli ba tare da izini ba tare da kowane siga.

Har ila yau, mai yuwuwar kawo hari ne aka ambace shi ta hanyar kunshin ImageMagick, wanda LibreOffice ke amfani dashi don canza wasu nau'ikan fayiloli.

Wannan harin ya samo asali ne ta hanyar masu kula da hoto dogara ne akan ImageMagick yana da haɗari saboda takaddar yanayin rauni za'a iya aikawa azaman fayil ɗin JPEG ko PNG tare da fayil ɗin ODT maimakon hoto (irin wannan fayil ɗin za a sarrafa shi saboda ana gane nau'in MIME ta abubuwan da ke ciki, maimakon amincewa).

A ka'ida, matsalar kuma na iya shafar masu kirkirar hoto na atomatik don tebur da masu nuna fayil idan sun yi amfani da LibreOffice don nazarin takardu.

A wannan halin, don kai hari yana iya isa kawai a loda daftarin aiki tare da amfani ko kewaya kundin adireshin tare da shi a Nautilus.

Hakanan yana da mahimmanci a ga cewa har yanzu suna neman hanyar nemo rauni ta hanyoyi daban-daban na ImageMagick.


Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Alhakin bayanai: AB Internet Networks 2008 SL
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.