|
|
Remote Buffer Overflow Vulnerability in HP-UX Line Printer Daemon |
A3 º¸¾È ÄÁ¼³Æà |
|
2001³â 09¿ù 04ÀÏ 00:00:00 |
À̼®±â ÄÁ¼³ÅÏÆ®
|
|
|
|
1. ¼³¸í
HP-UX(HP Unix)¿¡¼´Â BSD Unix¿¡¼ º¯È¯µÈ line printer µ¥¸óÀÌ ±¸µ¿µÈ´Ù. HP line printer µ¥¸óÀº ´Ù¸¥ Unix¿¡¼ÀÇ ¡®in.lpd¡¯¿Í ºñ½ÁÇѵ¥, ³×Æ®¿÷»ó¿¡¼ ¼·Î ´Ù¸¥ Á¾·ùÀÇ À¯´Ð½º°£¿¡ ³×Æ®¿÷À» ÅëÇÑ ÇÁ¸°ÅÍ °øÀ¯¸¦ °¡´ÉÇÏ°Ô ÇØ ÁÖ´Â ¿ªÇÒÀ» ÇÑ´Ù.
¶ÇÇÑ rlpdaemon ¿¡´Â ¿ÜºÎÀÇ °ø°ÝÀÚ°¡ ¾ÇÀÇÀû ¸ñÀûÀ¸·Î º¯ÇüÇÑ °ø°Ý packetÀ» µ¥¸ó¿¡ Àü¼ÛÇÔÀ¸·Î½á °ü¸®ÀÚ±ÇÇÑÀ¸·Î °ø°ÝÄڵ带 ½ÇÇàÇÒ ¼ö ÀÖ°Ô ÇØÁÖ´Â buffer Overflow Ãë¾àÁ¡µµ Á¸ÀçÇÑ´Ù. ÀÌ Ãë¾àÁ¡Àº rlpdaemon ÀÌ µðÆúÆ®·Î ¼³Ä¡µÇ°í ¼³Á¤µÇ¸ç, ÀÏ´Ü ¼³Á¤µÇ¸é »ç¿ëµÇÁö ¾Ê´õ¶óµµ À¯È¿ÇÏ´Ù. »Ó¸¸ ¾Æ´Ï¶ó, Ãë¾àÁ¡À» °ø°ÝÇϱâ À§Çؼ ³»ºÎ°èÁ¤À̳ª ½Ã½ºÅÛ±¸¼º¿¡ ´ëÇÑ Á¤º¸°¡ ¾ø´õ¶óµµ °ø°ÝÀÌ °¡´ÉÇÏ´Ù.
2. °áÇÔ±âÁ¾
HP-UX 10.0.1
HP-UX 10.10
HP-UX 10.20
HP-UX 11.00
HP-UX 11.11
3. ÇØ°áÃ¥
Network print¸¦ ±¸¼ºÇÏ°í ÀÖÁö ¾ÊÀ¸¸é rlpdaemonÀ» Áï½Ã Áß´ÜÇÏ°í ¾Æ·¡ÀÇ patch¸¦ Àû¿ëÇØ¾ß ÇÑ´Ù.
HP-UX 10.01 - PHCO_24697
HP-UX 10.10 - PHCO_24698
HP-UX 10.20 - PHCO_24699
HP-UX 11.00 - PHCO_24700
HP-UX 11.11 - PHCO_24701
http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=B6834AA |
|
|
|
|
|
|
¨Ï µ¥ÀÌÅͳÝ(http://t564.ndsoftnews.com) ¹«´ÜÀüÀç ¹× Àç¹èÆ÷±ÝÁö | ÀúÀ۱ǹ®ÀÇ |
|
|
|
|
|
| |
°¡Àå ¸¹ÀÌ º» ±â»ç |
|
|
|