| Ãë¾àÁ¡ID |
17036 |
| À§Çèµµ |
30 |
| Æ÷Æ® |
|
| ÇÁ·ÎÅäÄÝ |
UDP |
| ºÐ·ù |
RPC |
| »ó¼¼¼³¸í |
ÇØ´ç rpc.statd µ¥¸óÀº ÆÄÀÏ »ý¼º, »èÁ¦ °ø°Ý¿¡ Ãë¾àÇÏ´Ù.
Rpc.statd (ȤÀº ´Ü¼øÈ÷ ¸î¸î ½Ã½ºÅÛ¿¡¼´Â statd)´Â NFS file-locking Status MonitorÀÌ´Ù. RPC (Remote Procedure Call) statd´Â NFS (Network File System)À» ÅëÇØ file locking¿¡ ´ëÇÑ Crash¿Í Recovery ±â´ÉÀ» Á¦°øÇϱâ À§ÇØ RPC lockd¿Í ÇÔ²² »óÈ£ÀÛµ¿ÇÏ¸é¼ »óÅ Á¤º¸¸¦ À¯Áö, °ü¸®ÇÑ´Ù.
Statd´Â ¿ø°ÝÁöÀÇ lockd·Î ºÎÅÍ ¹Þ´Â Á¤º¸¸¦ °ËÁõÇÏÁö ¾Ê´Â ¹®Á¦¸¦ °¡Áö°í ÀÖ´Ù. ºÎ¸ð µð·ºÅ丮("../")¸¦ Æ÷ÇÔÇÏ´Â Á¶ÀÛµÈ ¿äûÀ» Statd ¼ºñ½º·Î º¸³¿À¸·Î½á °ø°ÝÀÚ´Â ÇØ´ç È£½ºÆ® »óÀÇ ÀÓÀÇÀÇ µð·ºÅ丮¿¡ ÆÄÀÏÀ» »ý¼º½ÃÅ°µµ·Ï rpc.statd¿¡ °ÅÁþ Á¤º¸¸¦ Á¦°øÇÒ ¼ö ÀÖ´Ù. ÀÌ°ÍÀº ÇØ´ç È£½ºÆ® »ó¿¡ »õ·Î¿î ÆÄÀϵéÀ» »ý¼º½ÃÅ°°Å³ª ±âÁ¸ÀçÇÏ´Â ÆÄÀϵéÀ» µ¤¾î¾²±âÇϴµ¥ »ç¿ëµÉ ¼ö ÀÖ´Ù.
* ¾Ë¸²: ÀÌ °ø°ÝÀÌ ¼º°øÀûÀ¸·Î ¼öÇàÀÌ µÇ¾ú´ÂÁö¸¦ ¿ø°ÝÀ¸·Î °ËÁõÇÏ´Â ¹æ¹ýÀº ¾ø´Ù. ¸¸¾à üũ½Ã ½ºÄµµÈ È£½ºÆ®·ÎºÎÅÍ ¿¡·¯ ¸Þ½ÃÁö¸¦ ¹ÞÁö ¾Ê´Â´Ù¸é ÇØ´ç ½Ã½ºÅÛÀº Ãë¾àÇÑ °ÍÀ¸·Î ¸®Æ÷Æ® µÉ °ÍÀÌ´Ù. ÀÌ ½ºÄ³³Ê´Â /tmp µð·ºÅ丮¿¡ 'by_scanner.statd.vulnerability'¶ó ºÒ¸®´Â ÆÄÀÏÀÇ »ý¼ºÀ» ½ÃµµÇÑ´Ù. ¸¸¾à ½ºÄµÀÌ ¿Ï·áµÈ ÈÄ ÀÌ ÆÄÀÏÀÌ ÇØ´ç È£½ºÆ®¿¡ Á¸ÀçÇÑ´Ù¸é ±× È£½ºÆ®´Â Ãë¾àÇÏ´Ù.
* Âü°í »çÀÌÆ®:
http://www.iss.net/security_center/static/109.php
http://www.cert.org/advisories/CA-1996-09.html
Ãë¾àÇÑ Ç÷§Æû:
AIX: All Versions
DG/UX: All Versions
HP-UX 10.x
HP-UX 9.x
IRIX: All Versions
NCR MP-RAS: All Versions
NEC EWS-UX/V: All Versions
NEC UP-UX/V: All Versions
NEC UX/4800: All Versions
NeXTSTEP: All Versions
Solaris: 2.4, 2.5, 2.5.1 |
| ÇØ°áÃ¥ |
¸¸¾à ÇØ´ç È£½ºÆ®°¡ NFS Ŭ¶óÀ̾ðÆ®³ª ¼¹ö·Î ÀÛµ¿ÇÏÁö ¾Ê´Â´Ù¸é 'rpc.statd' rpc ¼ºñ½º¸¦ ÀÛµ¿ÁßÁö½ÃÄÑ¾ß ÇÑ´Ù.
-- ȤÀº --
¿î¿µÃ¼Á¦¿¡ ÀûÀýÇÑ ÆÐÄ¡¸¦ Àû¿ëÇØ¾ß ÇÑ´Ù.
Hewlett-PackardÀÇ °æ¿ì:
https://h20566.www2.hp.com/portal/site/hpsc/patch/home/¸¦ ÂüÁ¶ÇÏ¿© ¾Æ·¡ÀÇ ¸®½ºÆ®¿Í °°ÀÌ ÆÐÄ¡ÇÑ´Ù:
Series 300/400 HP-UX 9.X: PHNE_7371 and PHNE_7372
Series 700/800 HP-UX 9.X: PHNE_7072
Series 700/800 HP-UX 10.X: PHNE_7073
Series 700 HP-UX 9.08 BLS: PHNE_8015
Series 700 HP-UX 9.09 BLS: PHNE_8016
Series 700 HP-UX 9.09+ BLS: PHNE_8017
Series 700 HP-UX 10.09 CMW: PHNE_8018
Series 700 HP-UX 10.09.01 CMW: PHNE_8019
Series 700 HP-UX 10.16 CMW: PHNE_8020
AIX 3.2ÀÇ °æ¿ì:
Vender¿Í »óÀÇÇÏ¿© APAR IX56056¸¦ ÆÐÄ¡ÇÑ´Ù.
AIX 4.1ÀÇ °æ¿ì:
Vender¿Í »óÀÇÇÏ¿© APAR IX55931¸¦ ÆÐÄ¡ÇÑ´Ù.
Sony NEWS-OSÀÇ °æ¿ì:
CERT ±Ç°í¾È CA-1996-09, Áï http://www.cert.org/advisories/CA-1996-09.html ¿¡ ÀÖ´Â ¸®½ºÆ®¸¦ ÂüÁ¶ÇÏ¿© ½Ã½ºÅÛ¿¡ ÀûÀýÇÑ ÆÐÄ¡¸¦ Àû¿ëÇØ¾ß ÇÑ´Ù.
SunOSÀÇ °æ¿ì:
º¥´õ¿¡ ¹®ÀÇÇÏ¿© ¾÷±×·¹À̵峪 ÆÐÄ¡¿¡ ´ëÇØ ¹®ÀÇÇÏ¿©¾ß ÇÑ´Ù. ¶Ç´Â ÃֽŠ¹öÀüÀÇ SunOS·Î ¾÷±×·¹À̵å ÇÑ´Ù.
IRIXÀÇ °æ¿ì:
SGI º¸¾È ±Ç°í¾È 19971201-01-P, Áï ftp://patches.sgi.com/support/free/security/advisories/19971201-01-P1391 ¿¡ ÀÖ´Â ¸®½ºÆ®¸¦ ÂüÁ¶ÇÏ¿© ½Ã½ºÅÛ¿¡ ÀûÀýÇÑ ÆÐÄ¡¸¦ Àû¿ëÇØ¾ß ÇÑ´Ù.
NCR CorporationÀÇ °æ¿ì:
CERT ±Ç°í¾È CA-1996-09, Áï http://www.cert.org/advisories/CA-1996-09.html ¿¡ ÀÖ´Â ¸®½ºÆ®¸¦ ÂüÁ¶ÇÏ¿© ½Ã½ºÅÛ¿¡ ÀûÀýÇÑ ÆÐÄ¡¸¦ Àû¿ëÇØ¾ß ÇÑ´Ù.
±âŸÀÇ °æ¿ì:
º¥´õ¿¡ ¹®ÀÇÇÏ¿© ¾÷±×·¹À̵峪 ÆÐÄ¡¿¡ ´ëÇØ ¹®ÀÇÇÏ¿©¾ß ÇÑ´Ù. |
| °ü·Ã URL |
CVE-1999-0019 (CVE) |
| °ü·Ã URL |
(SecurityFocus) |
| °ü·Ã URL |
(ISS) |
|
