| Ãë¾àÁ¡ID |
26050 |
| À§Çèµµ |
40 |
| Æ÷Æ® |
139,445 |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
SMB |
| »ó¼¼¼³¸í |
ÇØ´ç ½Ã½ºÅÛ¿¡´Â "Network Share Provider¿¡ ÀÖ´Â ¼ºñ½º °ÅºÎ Ãë¾àÁ¡"¿¡ ´ëÇÑ Hotfix(Q326830)°¡ ¼³Ä¡µÇ¾î ÀÖÁö ¾Ê´Ù.
¸¶ÀÌÅ©·Î¼ÒÇÁÆ®ÀÇ Server Message Block (SMB)Àº ÄÄÇ»ÅÍ°£ÀÇ µ¥ÀÌÅÍ¿Í ÀÚ¿øµéÀ» °øÀ¯Çϱâ À§ÇÑ ÇÁ·ÎÅäÄÝÀÌ´Ù. ¸¶ÀÌÅ©·Î¼ÒÇÁÆ® Windows NT, Windows 2000, ±×¸®°í Windows XPÀÇ SMB ÇÁ·ÎÅäÄÝ¿¡ ÀÖ´Â ¹öÆÛ ¿À¹öÇ÷οì´Â °ø°ÝÀÚ°¡ (1) NetShareEnum, (2) NetServerEnum2, ȤÀº (3) NetServerEnum3¿¡ ´ëÇÑ ¿äûÀ¸·Î SMB_COM_TRANSACTION ÆÐŶÀ» ÅëÇØ ¼ºñ½º°ÅºÎ¸¦ À¯¹ßÇÏ°Ô ÇÒ ¼ö ÀÖ´Ù. °ø°ÝÀÚ´Â »ç¿ëÀÚ °èÁ¤À» °¡Áö°Å³ª ȤÀº À͸í(Anonymous)ÀÇ ±ÇÇÑÀ¸·Î À̸¦ ÇàÇÒ ¼ö ÀÖ´Ù. È®½ÇÇÏÁö´Â ¾ÊÁö¸¸ ÀÓÀÇÀÇ ÄÚµå ½ÇÇ൵ °¡´ÉÇÒ ¼ö ÀÖ´Ù.
* ¾Ë¸²: ÀÌ Á¡°ËÇ׸ñÀº Á¡°ËÇϱâ À§ÇÑ ¿ø°ÝÁö È£½ºÆ®ÀÇ ·¹Áö½ºÆ®¸®¸¦ ¾×¼¼½ºÇÒ ¼ö ÀÖ´Â Guest ȤÀº ±× ÀÌ»óÀÇ ±ÇÇÑÀ» °¡Áø °èÁ¤À» ÇÊ¿ä·Î ÇÑ´Ù. ÀÌ·¯ÇÑ Á¶°ÇÀÌ ¾ÈµÇ¸é Á¡°ËÀ» ¼öÇàÇÒ ¼ö ¾øÀ¸¸ç ¸ðµç Ãë¾àÇÑ È£½ºÆ®µé¿¡ ´ëÇؼ °ÅÁþ À½¼º¹ÝÀÀ(False Negative)À» º¸ÀÏ ¼ö ÀÖ´Ù. ¸¸¾à ¹öÆÛ ¿À¹öÇ÷οì Å×½ºÆ®¸¦ ÇØ º¸°íÀÚ ÇÑ´Ù¸é, Á¤Ã¥ÆíÁý±â¿¡¼ "Denial of Service Attacks"¿¡ ÀÖ´Â "SMB/windows/netshare/dos" Ç׸ñÀ» Enable ½ÃŲ ÈÄ Á¡°ËÀ» ÇÏ¸é µÈ´Ù.
* Âü°í »çÀÌÆ®:
http://www.microsoft.com/technet/security/bulletin/MS02-045.asp
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Microsoft Windows NT 4.0 Workstation/Server
Microsoft Windows NT 4.0 Server, Terminal Server Edition
Microsoft Windows 2000 Professional/Server/Advanced Server
Windows XP Professional |
| ÇØ°áÃ¥ |
´ÙÀ½ ¸¶ÀÌÅ©·Î¼ÒÇÁÆ®ÀÇ º¸¾È °Ô½ÃÆÇ MS02-045À» ÂüÁ¶ÇÏ¿© ½Ã½ºÅÛ¿¡ ´ëÇÑ ÀûÀýÇÑ ÆÐÄ¡¸¦ Àû¿ëÇÏ¿©¾ß ÇÑ´Ù:
http://www.microsoft.com/technet/security/bulletin/MS02-045.asp
1. ´ÙÀ½ÀÇ ÆäÀÌÁö¸¦ ¿¬´Ù:
Microsoft Windows NT 4.0ÀÇ °æ¿ì: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=18016
Microsoft Windows NT 4.0 Terminal Server EditionÀÇ °æ¿ì: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=20306
Microsoft Windows 2000ÀÇ °æ¿ì: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=138
Microsoft Windows XPÀÇ °æ¿ì: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=7587
Microsoft Windows XP 64 bit EditionÀÇ °æ¿ì: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=10437
2. ¾ð¾î ¼±Åà ¸ñ·Ï¿¡¼ ÇØ´ç ¾ð¾î¸¦ ¼±ÅÃÇÑ ÈÄ <Next> ¹öÆ°À» Ŭ¸¯ÇÑ´Ù.
3. ÆÐÄ¡ ÆÄÀÏÀ» ´Ù¿î¹Þ±â À§ÇØ <Download Now> ¹öÆ°À» Ŭ¸¯ÇÑ´Ù.
4. ÆÐÄ¡¸¦ ¼³Ä¡Çϱâ À§ÇØ ÆÄÀÏÀ» ½ÇÇà½ÃŲ´Ù.
-- ȤÀº --
À©µµ¿ì Ç÷§ÆûµéÀ» À§ÇÑ ÆÐÄ¡µéÀº ¶ÇÇÑ Microsoft Windows Update À¥ »çÀÌÆ®ÀÎ http://windowsupdate.microsoft.com ¿¡¼µµ ±¸ÇÒ ¼ö ÀÖ´Ù. Windows Update´Â »ç¿ëÁßÀÎ À©µµ¿ìÀÇ ¹öÀüÀ» ÀÚµ¿À¸·Î ã¾Æ³»°í ÀûÀýÇÑ ÆÐÄ¡¸¦ Á¦°øÇØ ÁØ´Ù. |
| °ü·Ã URL |
CVE-2002-0724 (CVE) |
| °ü·Ã URL |
5556 (SecurityFocus) |
| °ü·Ã URL |
9933 (ISS) |
|
