[
°ø Áö
] Samba ¿ø°Ý ÄÚµå ½ÇÇà Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í
2017-05-25
¾È³çÇϽʴϱî. È£½ºÆ®¸ÕÆ®ÀÔ´Ï´Ù.
¸ÕÀú È£½ºÆ®¸ÕÆ®¸¦ ¾Æ²¸ÁÖ½Ã°í »ç¶ûÇØ Áֽô °í°´ ¿©·¯ºÐ²² Áø½ÉÀ¸·Î °¨»çµå¸®¸ç
Samba ¿ø°Ý ÄÚµå ½ÇÇà Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í°¡ ÀÖ¾î À̸¦ ¾Ë·Áµå¸®°íÀÚ ÇÕ´Ï´Ù.
---------------------------------------------------------------------------
¡à °³¿ä
o Samba ¼ÒÇÁÆ®¿þ¾î¿¡¼ ¹ß»ýÇÏ´Â ¿ø°Ý ÄÚµå ½ÇÇà Ãë¾àÁ¡À» ÇØ°áÇÑ º¸¾È ¾÷µ¥ÀÌÆ®¸¦ ¹ßÇ¥[1]
o ¿µÇâ ¹Þ´Â ¹öÀüÀÇ »ç¿ëÀÚ´Â ·£¼¶¿þ¾î °¨¿°, ¼¹ö ħÇØ µîÀÌ ¹ß»ýÇÒ ¼ö ÀÖÀ¸¹Ç·Î ÃֽŠ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ® ±Ç°í
¡à ¼³¸í
o Samba ¾²±â °¡´ÉÇÑ °øÀ¯ ¶óÀ̺귯¸®¿¡¼ °ü¸®ÀÚ ±ÇÇÑÀ¸·Î ¿ø°Ý ÄÚµå ½ÇÇàÀÌ °¡´ÉÇÑ Ãë¾àÁ¡(CVE-2017-7494)
¡à ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
o linux/unix °è¿
- Samba 3.5.0 ÀÌ»ó ¹öÀü
o Synology NAS Á¦Ç°
- DSM 6.1, DSM 6.0, SRM 1.1
¡à ÇØ°á ¹æ¾È
o ÇØ´ç Ãë¾àÁ¡¿¡ ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î ¹öÀü »ç¿ëÀÚ´Â ÃֽŠ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ® ¼öÇà[2]
o º¸¾È ¾÷µ¥ÀÌÆ®°¡ °ø°³µÈ ¿î¿µÃ¼Á¦¸¦ ¿î¿µÇÏ°í ÀÖÀ» °æ¿ì, Âü°í »çÀÌÆ®ÀÇ ³»¿ëÀ» ÂüÁ¶ÇÏ¿© º¸¾È ¾÷µ¥ÀÌÆ® ¼öÇà
- Ubuntu 14.04 LTS ÀÌ»ó ¹öÀü[3]
- Ubuntu 12.04 LTS ¹öÀü[4]
- Redhat[5]
- Debian[6]
- SUSE/openSUSE[7]
- Synology NAS[8]
¡à ±âŸ ¹®ÀÇ»çÇ×
o Çѱ¹ÀÎÅͳÝÁøÈï¿ø ÀÎÅͳÝħÇØ´ëÀÀ¼¾ÅÍ: ±¹¹ø¾øÀÌ 118
[Âü°í»çÀÌÆ®]
[1]
https://www.samba.org/samba/security/CVE-2017-7494.html
[2]
https://www.samba.org/samba/history/security.html
[3]
https://www.ubuntu.com/usn/usn-3296-1/
[4]
https://www.ubuntu.com/usn/usn-3296-2/
[5]
https://access.redhat.com/solutions/3054071
[6]
https://security-tracker.debian.org/tracker/CVE-2017-7494
[7]
https://www.suse.com/security/cve/CVE-2017-7494/
[8]
https://www.synology.com/en-global/support/security/Important_Information_Regarding_Samba_Vulnerability_CVE_2017_7494
---------------------------------------------------------------------------
Áñ°Å¿òÀÌ Àִ ȣ½ºÆà ¼ºñ½º [ È£½ºÆ®¸ÕÆ® ]