|
|
[ °ø Áö ] BIND Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í |
|
2016-09-29 |
|
|
¾È³çÇϽʴϱî. È£½ºÆ®¸ÕÆ®ÀÔ´Ï´Ù.
¸ÕÀú È£½ºÆ®¸ÕÆ®¸¦ ¾Æ²¸ÁÖ½Ã°í »ç¶ûÇØ Áֽô °í°´ ¿©·¯ºÐ²² Áø½ÉÀ¸·Î °¨»çµå¸®¸ç
BIND Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í°¡ ÀÖ¾î À̸¦ ¾Ë·Áµå¸®°íÀÚ ÇÕ´Ï´Ù.
---------------------------------------------------------------------------
¡à °³¿ä
o ISC´Â BIND DNS¿¡¼ ¹ß»ýÇÏ´Â ¿ø°Ý ¼ºñ½º °ÅºÎ(Denial of Service) Ãë¾àÁ¡À» ÇØ°áÇÑ º¸¾È ¾÷µ¥ÀÌÆ®¸¦ ¹ßÇ¥[1]
¡à ¼³¸í
o buffer.c¿¡¼ ƯÁ¤ÇÑ Äõ¸®¸¦ Æ÷ÇÔÇÑ ÆÐŶ¿¡ ´ëÇÑ ÀÀ´äÀ» º¸³¾ ¶§, ¼ºñ½º Á¾·á°¡ ¹ß»ýÇÏ´Â Ãë¾àÁ¡(CVE-2016-2776)
¡à ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
o BIND 9.0.x ~ 9.8.x
o BIND 9.9.0 ~ 9.9.9-P2
o BIND 9.9.3-S1 ~ 9.9.9-S3
o BIND 9.10.x ~ 9.10.4-P2
o BIND 9.11.0a1 ~ 9.11.0rc1
¡à ÇØ°á ¹æ¾È
o BIND 9 ¹öÀü 9.9.9-P3·Î ¾÷µ¥ÀÌÆ®
o BIND 9 ¹öÀü 9.10.4-P3·Î ¾÷µ¥ÀÌÆ®
o BIND 9 ¹öÀü 9.11.0rc3·Î ¾÷µ¥ÀÌÆ®
¡à ±âŸ ¹®ÀÇ»çÇ×
o Çѱ¹ÀÎÅͳÝÁøÈï¿ø ÀÎÅͳÝħÇØ´ëÀÀ¼¾ÅÍ: ±¹¹ø¾øÀÌ 118
[Âü°í»çÀÌÆ®]
[1] https://kb.isc.org/article/AA-01419/0
°¨»çÇÕ´Ï´Ù.
---------------------------------------------------------------------------
Áñ°Å¿òÀÌ Àִ ȣ½ºÆà ¼ºñ½º [ È£½ºÆ®¸ÕÆ® ]
|
|
|