Ãë¾àÁ¡ID |
19102 |
À§Çèµµ |
40 |
Æ÷Æ® |
53 |
ÇÁ·ÎÅäÄÝ |
UDP |
ºÐ·ù |
DNS |
»ó¼¼¼³¸í |
¿ø°Ý È£½ºÆ®¿¡ ¼³Ä¡µÈ ISC BIND ¹öÀüÀº 9.16.48-S1 ÀÌÀü ÀÔ´Ï´Ù. µû¶ó¼ cve-2023-50387 ±Ç°í¿¡ ¼³¸íµÈ Ãë¾àÁ¡ÀÇ ¿µÇâ ¹Þ½À´Ï´Ù.
- DNS ÇÁ·ÎÅäÄÝÀÇ DNSSECÀÇ Æ¯Á¤ ºÎºÐ(RFC 4033, 4034, 4035, 6840 ¹× °ü·Ã RFC)Àº ¿ø°Ý °ø°ÝÀÚ°¡ Çϳª ÀÌ»óÀÇ DNSSEC ÀÀ´äÀ» ÅëÇØ ¼ºñ½º °ÅºÎ(CPU ¼Òºñ)¸¦ À¯¹ßÇÒ ¼ö ÀÖÀ½ ÀÔ´Ï´Ù (Àϸí KeyTrap). ¿ì·Á »çÇ× Áß Çϳª´Â ÇÁ·ÎÅäÄÝÀÇ »ç¾çÀÌ ´Ù¼öÀÇ DNSKEY ¹× RRSIG ·¹Äڵ尡 ÀÖ´Â ¿µ¿ªÀÌ ÀÖ´Â °æ¿ì ¾Ë°í¸®ÁòÀÌ DNSKEY¿Í RRSIG ·¹ÄÚµåÀÇ ¸ðµç Á¶ÇÕÀ» Æò°¡ÇØ¾ß ÇÔÀ» ½Ã»çÇÑ´Ù´Â °ÍÀÔ´Ï´Ù. (CVE-2023-50387)
* Âü°í »çÀÌÆ®: https://kb.isc.org/v1/docs/cve-2023-50387
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû: ISC BIND ¹öÀü 9.9.3-S1 < 9.16.48-S1 Any operating system Any version |
ÇØ°áÃ¥ |
Internet Software Consortium (ISC) À¥ »çÀÌÆ®ÀÎ http://www.isc.org/downloads/BIND/ ¿¡¼ ±¸ÇÒ ¼ö ÀÖ´Â BINDÀÇ °¡Àå ÃֽŠ¹öÀü(9.16.48-S1 ȤÀº ÀÌÈÄ)À¸·Î ¾÷±×·¹À̵å ÇÏ¿©¾ß ÇÑ´Ù. |
°ü·Ã URL |
CVE-2023-50387 (CVE) |
°ü·Ã URL |
103189 (SecurityFocus) |
°ü·Ã URL |
(ISS) |
|