English
¢¸¢· µÚ·Î
Ãë¾àÁ¡ID 29075
À§Çèµµ 40
Æ÷Æ® 161
ÇÁ·ÎÅäÄÝ UDP
ºÐ·ù CISCO
»ó¼¼¼³¸í ÇØ´ç Cisco IOS´Â H.323 ¸Þ½ÃÁö ó¸® °úÁ¤¿¡ ´ÙÁßÀÇ Ãë¾àÁ¡µéÀ» °¡Áö°í ÀÖ´Ù.
Oulu ´ëÇб³ º¸¾È ÇÁ·Î±×·¡¹Ö ±×·ì(OUSPG)Àº H.323 ¸Þ½ÃÁö¸¦ ó¸®ÇÏ´Â °úÁ¤¿¡¼­ ´Ù¼öÀÇ Ãë¾àÁ¡µéÀ» ¹ß°ßÇÏ°í À̸¦ À§ÇÑ Å×½ºÆ® suite(PROTOSTest-Suite c07-h2250v4)¸¦ °³¹ßÇÏ¿´´Ù. H.323Àº ITU(International Telecommunications Union) Ç¥ÁØÀ¸·Î ÆÐŶ(IP) ±â¹ÝÀÇ ³×Æ®¿öÅ© »ó¿¡¼­ ½Ç½Ã°£ ¸ÖƼ¹Ìµð¾î Åë½Å°ú ȸÀǸ¦ Áö¿øÇÏ´Â ÇÁ·ÎÅäÄÝÀÌ´Ù. ÀÌ H.323 °ü·Ã Ãë¾àÁ¡µéÀº ¼­ºñ½º °ÅºÎ(DoS) °ø°Ý¿¡ µµ¿ëµÉ ¼ö ÀÖÀ¸¸ç ¼º°øÀûÀ¸·Î µµ¿ëµÉ °æ¿ì, Ãë¾àÇÑ ÀåºñµéÀ» Å©·¡½¬(crash) ½ÃÅ°°Å³ª ½Ã½ºÅÛ Á¤Áö(hang) À¯¹ßÇÒ ¼ö ÀÖ´Ù. ¿ø°ÝÁö °ø°ÝÀÚµéÀº Å×½ºÆ® suite PROTOSTest-Suite c07-h2250v4¸¦ ÀÌ¿ëÇؼ­, H.323 PDUs(Protocol Data Units)ÀÇ °¢Á¾ Çʵ忡 ¿¹¿ÜÀûÀÎ °ª ¶Ç´Â ¸Å¿ì ±ä °ªÀ» ä¿î Å×½ºÆ® ÆÐŶÀ» ¸¸µé°í À̸¦ Ãë¾àÇÑ Àåºñ¿¡ Àü´ÞÇÒ ¼ö ÀÖ´Ù. ÀÌ´Â ´Ù¾çÇÑ ÆĽÌ(parsing) ¹× ó¸®(processing) °ü·Ã ÇÔ¼öµéÀÇ ½ÇÆи¦ À¯µµÇÏ¿© ±Þ±â¾ß Àåºñ°¡ Å©·¡½¬(crash)µÇ°í ÀçºÎÆõǴ °á°ú¸¦ ÃÊ·¡ÇÑ´Ù. Àåºñ°¡ Á¤»óÀûÀÎ ±â´ÉÀ» ȸº¹Çϱâ À§Çؼ­´Â ÀåºñÀÇ ÀçºÎÆÃÀÌ ÇÊ¿äÇÏ´Ù.

* ¾Ë¸²: ÀÌ Á¡°ËÇ׸ñÀº ÀÌ Ãë¾àÁ¡À» Á¡°ËÇϱâ À§ÇØ ÇØ´ç ½Ã½ºÅÛÀÇ ¹öÀüÁ¤º¸¸¸À» È®ÀÎÇÑ´Ù. µû¶ó¼­ °ÅÁþ ¾ç¼º¹ÝÀÀ(False Positive)À» º¸ÀÏ ¼ö ÀÖ´Ù. ÀÌ Á¡°ËÇ׸ñÀº ¶ÇÇÑ ¹öÀüÁ¤º¸¸¦ ¼öÁýÇϱâ À§ÇÏ¿© Àб⠱ÇÇÑÀÇ SNMP Community ¹®ÀÚ¿­À» ÇÊ¿ä·Î ÇÑ´Ù. À̸¦ À§Çؼ­´Â Á¤Ã¥ ÆíÁý±â¿¡¼­ Á¡°ËÇ׸ñ "snmp/guessable/r"¿¡ Ÿ´çÇÑ Community ¹®ÀÚ¿­À» Ãß°¡ÇÏ¿©¾ß ÇÑ´Ù.

* Âü°í »çÀÌÆ®:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040113-h323

* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Cisco ATA 18x Any version
Cisco BTS 10200 Any version
Cisco CallManager 3.0 through 3.3
Cisco Conference Connection (CCC) Any version
Cisco Internet Service Node (ISN) Any version
Cisco IP Phone 7905 1.00
Cisco IOS 11.3T
Cisco IOS 12.0,12.0S,12.0T,12.0XC,12.0XD,12.0XG-12.0XL,12.0XN,12.0XR,12.0XT
Cisco IOS 12.1,12.1AA,12.1E,12.1EC,12.1EZ,12.1T,12.1X-12.1XD,12.1XL,12.1XM
Cisco IOS 12.1XP-12.1XR,12.1XT-12.1XV,12.1YB-12.1YF,12.1YH,12.1YI,12.1YJ
Cisco IOS 12.2,12.2BX,12.2DD,12.2DX,12.2MC,12.2MX,12.2S,12.2X-12.2XN,12.2XQ
Cisco IOS 12.2XS-12.2XU,12.2XW, 12.2YB-12.2YZ, 12.2ZA-12.2ZH,12.2ZJ,12.2ZL
H.323 ÆÐŶ ó¸® ±â´ÉÀ» Áö¿øÇÏ´Â Cisco IOS ¼ÒÇÁÆ®¿þ¾î¸¦ žÀçÇÑ Cisco ¸ðµç Àåºñµé
ÇØ°áÃ¥ ´ÙÀ½ Cisco º¸¾È ±Ç°í¾È(Vulnerabilities in H.323 Message Processing)ÀÇ "Software Versions and Fixes" ¸¦ ÂüÁ¶ÇÏ¿© ¹®Á¦°¡ ÇØ°áµÈ ¹öÀüÀ¸·Î ¾÷±×·¹À̵å ÇÏ¿©¾ß ÇÑ´Ù:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040113-h323

¾÷±×·¹À̵åµéÀº Cisco À¥ »çÀÌÆ®ÀÎ http://www.cisco.com ¿¡ ÀÖ´Â Software Center¸¦ ÅëÇØ ±¸ÇÒ ¼ö ÀÖ´Ù.

ÀÚ¼¼ÇÑ ³»¿ëÀº ´ÙÀ½ »çÀÌÆ®¿¡¼­ º¼ ¼ö ÀÖ´Ù:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040113-h323
°ü·Ã URL CVE-2004-0054 (CVE)
°ü·Ã URL 9406 (SecurityFocus)
°ü·Ã URL 14204 (ISS)