Vulnerability ID 19108
Risk level 40
Port 53
Protocol UDP
Category DNS
Description The version of ISC BIND installed on the remote host is prior to the tested version. It is therefore affected by multiple vulnerabilities as described in the CVE-2024-4076, CVE-2024-1975, CVE-2024-1737 and CVE-2024-0760 advisories.

- An assertion failure can occur when a client query that causes stale data to be served coincides with a query that requires a lookup in local authoritative zone data (CVE-2024-4076).
- If a server hosts a zone containing a "KEY" resource record, or a resolver DNSSEC-validates a "KEY" resource record from a DNSSEC-signed domain in its cache, a client can exhaust the resolver's CPU resources by sending a stream of SIG(0)-signed requests (CVE-2024-1975).
- Resolver caches and authoritative zone databases that hold a significant number of RRs (of any RTYPE) for the same hostname can suffer degraded performance when content is added or updated, and when client queries for this name are handled (CVE-2024-1737).
- A malicious client can send many DNS messages over TCP, which can make the server unstable while the attack is in progress. The server may recover after the attack stops. Use of ACLs will not mitigate this attack (CVE-2024-0760).

* References:
https://kb.isc.org/docs/cve-2024-4076
https://nvd.nist.gov/vuln/detail/CVE-2024-4076
https://kb.isc.org/docs/cve-2024-1975
https://nvd.nist.gov/vuln/detail/CVE-2024-1975
https://kb.isc.org/docs/cve-2024-1737
https://nvd.nist.gov/vuln/detail/CVE-2024-1737
https://kb.isc.org/docs/cve-2024-0760
https://nvd.nist.gov/vuln/detail/CVE-2024-0760

* Affected platforms:
ISC BIND versions 9.18.0 < 9.18.27
Any operating system Any version
Solution Upgrade to the latest version of BIND (9.20.0 or later), available from the Internet Software Consortium (ISC) website at http://www.isc.org/downloads/BIND/.
Related URL CVE-2024-0760, CVE-2024-1737, CVE-2024-1975, CVE-2024-4076 (CVE)
Related URL 103189 (SecurityFocus)
Related URL (ISS)