| Ãë¾àÁ¡ID |
16025 |
| À§Çèµµ |
40 |
| Æ÷Æ® |
21 |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
FTP |
| »ó¼¼¼³¸í |
ÇØ´ç ½Ã½ºÅÛ¿¡ ncftp 2.4.2 ¹öÀüÀÇ FTP ¼ºñ½º°¡ °¡µ¿µÇ°í ÀÖ´Ù. ÀÌ FTP ¹öÀüÀº Àüü µð·ºÅ丮¿¡ ´ëÇÑ ÀÚµ¿ ´Ù¿î·Îµå ±â´É(get -R)À» °¡Áö°í Àִµ¥ ´Ù¿î·Îµå ¶§ µð·ºÅ丮µéÀÌ system() È£ÃâÀ» ÀÌ¿ëÇؼ »ý¼ºµÈ´Ù. ¾î¶² °æ¿ì µð·ºÅ丮ÀÇ ±íÀÌ°¡ ±íÀº °æ¿ì ¾û¶×ÇÑ °á°ú¸¦ ÃÊ·¡ÇÏ´Â Command°¡ ÇØ´ç ¼¹ö¿¡¼ ½ÇÇàµÉ ¼ö ÀÖ´Â Ãë¾àÁ¡À» °¡Áö°í ÀÖ´Ù.
* Âü°í »çÀÌÆ®:
http://www.redhat.com/support/errata/rh50-errata-general.html#ncftp
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
ncftp 2.4.2 |
| ÇØ°áÃ¥ |
system() È£ÃâÀÌ ¾Æ´Ï¶ó mkdir() ÇÔ¼ö·Î ´ëüµÈ ¹öÀüÀ» ±¸ÇÏ¿© ¼³Ä¡ÇÏ¿©¾ß ÇÑ´Ù. ftp://ftp.ncftp.com/ncftp¿¡¼ µð·ºÅ丮¿¡¼ ÃֽŠ¹öÀüÀ» ´Ù¿î·Îµå ¹Þ¾Æ ¼³Ä¡ÇÑ´Ù. |
| °ü·Ã URL |
CVE-1999-1333 (CVE) |
| °ü·Ã URL |
(SecurityFocus) |
| °ü·Ã URL |
7240 (ISS) |
|
