[Caution] Increase in attack frequency against the IIS 5.0 vulnerability
2003-05-16
Attacks against the IIS 5.0 WebDAV Buffer Overflow (MS03-007, Q815021), which was announced last March, are gradually becoming more frequent.
System administrators who operate IIS 5.0 should make sure to check whether the patch for this issue has been applied.
(See the sites below.)
The attacks are coming in not only from the United States but also from Europe (especially France).
[Attack Log: URL data generated during an attack]
/.... (remainder omitted)
/```` (remainder omitted)
//aaaaaaa
/CCCCCC
/bbbb
(remainder omitted)
/####
/$$$$
* Several additional log entries exist.
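A log check for the padded URLs listed above, added here as an example (it is not part of the original advisory). It assumes the requests appear in an IIS W3C extended log with a `#Fields:` header; the `MIN_RUN` threshold, the function names and the sample addresses are assumptions constructed for illustration.

```python
import re
from collections import Counter

MIN_RUN = 64  # assumed threshold; the advisory does not state request lengths
# One character repeated MIN_RUN or more times in a row ("....", "aaaa", "####").
RUN_RE = re.compile(r"(.)\1{%d,}" % (MIN_RUN - 1))

def suspicious_requests(lines):
    """Return (client_ip, filler_char, run_length) for URLs padded with one character."""
    fields, hits = [], []
    for line in lines:
        line = line.rstrip("\r\n")
        if line.startswith("#Fields:"):
            # The field layout can change mid-file, so re-read it every time.
            fields = line[len("#Fields:"):].split()
            continue
        if not line or line.startswith("#"):
            continue
        values = line.split(" ")
        if len(values) != len(fields) or "cs-uri-stem" not in fields:
            continue  # truncated or malformed entry
        row = dict(zip(fields, values))
        match = RUN_RE.search(row["cs-uri-stem"])
        if match:
            hits.append((row.get("c-ip", "-"), match.group(1), len(match.group(0))))
    return hits

def sources(hits):
    """Count flagged requests per client address."""
    return Counter(ip for ip, _, _ in hits)

# Constructed sample log (documentation address ranges, not real attackers).
SAMPLE_LOG = [
    "#Software: Microsoft Internet Information Services 5.0",
    "#Fields: date time c-ip cs-uri-stem",
    "2003-05-16 01:02:03 192.0.2.10 /index.html",
    "2003-05-16 01:02:04 198.51.100.7 /" + "." * 300,
    "2003-05-16 01:02:09 198.51.100.7 //" + "a" * 200,
    "2003-05-16 01:03:00 203.0.113.5 /img/aaaa.gif",
    "2003-05-16 01:03:01 truncated-entry",
]

if __name__ == "__main__":
    for ip, char, length in suspicious_requests(SAMPLE_LOG):
        print(f"{ip}: {length} x {char!r}")
```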
[System Event: symptom on unpatched systems - abnormal termination (Denial of Service)]
Event type: System log (Error), Source: Service Control Manager
1st log: IIS Admin Service 서비스가 예기치 않게 1번 종료했습니다. 1 밀리초 안에 다음의 수정 작업을 합니다 : 구성된 복구 프로그램을 실행합니다.
  (In English: The IIS Admin Service service terminated unexpectedly 1 time. The following corrective action will be taken within 1 millisecond: run the configured recovery program.)
2nd log: World Wide WEb Publishing Service 서비스가 예기치 않게 1번 종료했습니다. 0 미리초 안에 다음의 수정 작업을 합니다 : 동작없음.
  (In English: The World Wide Web Publishing Service service terminated unexpectedly 1 time. The following corrective action will be taken within 0 milliseconds: no action.)
* So far, no exploit code that obtains the system account appears to have been published, but exploit code that can cause a DoS has been published,
  so system administrators should pay particular attention to this.
[Microsoft site on the WebDAV Buffer Overflow]
http://www.microsoft.com/korea/technet/security/bulletin/MS03-007.asp
[Security patch download site]
http://www.microsoft.com/downloads/details.aspx?displaylang=ko&FamilyID=C9A38D45-5145-4844-B62E-C69D32AC929B