|
|
[ °ø Áö ] BIND DNS ½Å±Ô Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í |
|
2016-07-20 |
|
|
¾È³çÇϽʴϱî. È£½ºÆ®¸ÕÆ®ÀÔ´Ï´Ù.
¸ÕÀú È£½ºÆ®¸ÕÆ®¸¦ ¾Æ²¸ÁÖ½Ã°í »ç¶ûÇØ Áֽô °í°´ ¿©·¯ºÐ²² Áø½ÉÀ¸·Î °¨»çµå¸®¸ç
BIND DNS ½Å±Ô Ãë¾àÁ¡ º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í°¡ ÀÖ¾î À̸¦ ¾Ë·Áµå¸®°íÀÚ ÇÕ´Ï´Ù.
---------------------------------------------------------------------------
¡à °³¿ä
o ISC´Â BIND DNS¿¡¼ ¹ß»ýÇÏ´Â ¿ø°Ý ¼ºñ½º °ÅºÎ(Denial of Service) Ãë¾àÁ¡À» ÇØ°áÇÑ º¸¾È ¾÷µ¥ÀÌÆ®¸¦ ¹ßÇ¥[1]
¡à ¼³¸í
o named¿¡ lightweight resolver(lwres)¸¦ ¼³Á¤ÇÏ¿© »ç¿ëÇÏ´Â °æ¿ì °ø°ÝÀÚ°¡ ¿ø°Ý¿¡¼ ƯÁ¤±æÀÌ ÀÌ»óÀÇ ¿äûÀ» º¸³»¸é
¼ºñ½º °ÅºÎ°¡ ¹ß»ýÇÏ´Â Ãë¾àÁ¡(CVE-2016-2775)
¡à ¿µÇâ ¹Þ´Â ¼ÒÇÁÆ®¿þ¾î
o BIND 9.10.0 ~ 9.10.4-P1
o BIND 9.9.x ~ 9.9.9-P1
o BIND 9.11.0a3 ~ 9.11.0b1
¡à ÇØ°á ¹æ¾È
o BIND 9 ¹öÀü 9.10.4-P2·Î ¾÷µ¥ÀÌÆ®
o BIND 9 ¹öÀü 9.9.9-P2·Î ¾÷µ¥ÀÌÆ®
o BIND 9 ¹öÀü 9.11.0b2·Î ¾÷µ¥ÀÌÆ®
¡à ±âŸ ¹®ÀÇ»çÇ×
o Çѱ¹ÀÎÅͳÝÁøÈï¿ø ÀÎÅͳÝħÇØ´ëÀÀ¼¾ÅÍ: ±¹¹ø¾øÀÌ 118
[Âü°í»çÀÌÆ®]
[1] https://kb.isc.org/article/AA-01393/74/CVE-2016-2775
[2] https://www.isc.org/downloads/
°¨»çÇÕ´Ï´Ù.
---------------------------------------------------------------------------
Áñ°Å¿òÀÌ Àִ ȣ½ºÆà ¼ºñ½º [ È£½ºÆ®¸ÕÆ® ]
|
|
|