English
¢¸¢· µÚ·Î
Ãë¾àÁ¡ID 19064
À§Çèµµ 40
Æ÷Æ® 79
ÇÁ·ÎÅäÄÝ TCP,UDP
ºÐ·ù DNS
»ó¼¼¼³¸í ISC BIND(Berkeley Internet Name Daemon)´Â DNS (domain name service) ÇÁ·ÎÅäÄÝÀ» ±¸ÇöÇÑ ¼­¹ö À¯Æ¿¸®Æ¼·Î ÀÎÅÍ³Ý »ó¿¡¼­ ±¤¹üÀ§ÇÏ°Ô »ç¿ëµÈ´Ù. BIND ¼­¹öÀÇ ¹öÀü Á¤º¸¿¡ µû¸£¸é, ISC BIND 9.10.4-P5 ÀÌÀüÀÇ 9.10.x ¹öÀüÀº ´ÙÀ½°ú °°ÀÌ ´ÙÁß ¼­ºñ½º °ÅºÎ Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù.

- RTYPE ANY Äõ¸®¿¡ ÀÀ´äÇÏ´Â Á¶ÀÛµÈ ÆÐŶÀ» ó¸®ÇÒ ¶§ ¼­ºñ½º °ÅºÎ°¡ ¹ß»ýÇÑ´Ù. (CVE-2016-9131)

- DNSSEC-enabled ±ÇÇÑ ¼­¹ö¿¡¼­ ¸ð¼øÀûÀÎ DNSSEC Á¤º¸°¡ Æ÷ÇÔµÈ Äõ¸® ÀÀ´äÀ» ó¸®ÇÒ ¶§ ¼­ºñ½º °ÅºÎ°¡ ¹ß»ýÇÑ´Ù. (CVE-2016-9147)

- DS ¸®¼Ò½º ·¹Äڵ带 Æ÷ÇÔÇÏ´Â Á¶ÀÛµÈ ÀÀ´äÀ» ó¸®ÇÒ ¶§ ¼­ºñ½º °ÅºÎ°¡ ¹ß»ýÇÑ´Ù. (CVE-2016-9444)

- Ưº°È÷ Á¶ÀÛµÈ Äõ¸®¸¦ nxdomain-redirect ±â´É¿¡¼­ ó¸®ÇÒ ¶§ ¼­ºñ½º °ÅºÎ°¡ ¹ß»ýÇÑ´Ù. (CVE-2016-9778)

* ¾Ë¸²: ÀÌ Á¡°ËÇ׸ñÀº ÀÌ Ãë¾àÁ¡À» Á¡°ËÇϱâ À§ÇØ ÇØ´ç DNS ¼­¹öÀÇ ¹è³Ê Á¤º¸¸¸À» È®ÀÎÇÑ´Ù. µû¶ó¼­ °ÅÁþ ¾ç¼º¹ÝÀÀ(False Positive)À» º¸ÀÏ ¼ö ÀÖ´Ù.

* Âü°í »çÀÌÆ®:
https://kb.isc.org/article/AA-01439
https://kb.isc.org/article/AA-01440
https://kb.isc.org/article/AA-01441
https://kb.isc.org/article/AA-01442

* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Internet Software Consortium, BIND version 9.10.x < 9.10.4-P5
Any operating system Any version
ÇØ°áÃ¥ Internet Software Consortium (ISC) À¥ »çÀÌÆ®ÀÎ http://www.isc.org/downloads/BIND/ ¿¡¼­ ±¸ÇÒ ¼ö ÀÖ´Â BINDÀÇ °¡Àå ÃֽŠ¹öÀü(9.10.4-P5 ȤÀº ÀÌÈÄ)À¸·Î ¾÷±×·¹À̵å ÇÏ¿©¾ß ÇÑ´Ù.
°ü·Ã URL CVE-2016-9131,CVE-2016-9147,CVE-2016-9444,CVE-2016-9778 (CVE)
°ü·Ã URL 95386,95388,95390,95393 (SecurityFocus)
°ü·Ã URL (ISS)