| Ãë¾àÁ¡ID |
21039 |
| À§Çèµµ |
40 |
| Æ÷Æ® |
80, ... |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
CGI |
| »ó¼¼¼³¸í |
ÇØ´ç ¼¹ö¿¡ edit.pl CGI°¡ ¼³Ä¡µÇ¾î ÀÖ´Ù. ¸¸¾à ÀÌ CGI°¡ freestats.com¿¡¼ Á¦°øµÈ °ÍÀ̶ó¸é È®ÀÎÀ» °ÅÃÄ Á¶Ä¡ÇÒ ÇÊ¿ä°¡ ÀÖ´Ù. ¿Ö³ÄÇϸé "CLICK HERE TO EDIT YOUR USER PROFILE & COUNTER INFO" Ç׸ñÀ» Ŭ¸¯ÇÏ¿© ¸ðµç AccountÀÇ Á¤º¸¸¦ º¼ ¼ö ÀÖÀ¸¸ç ¼öÁ¤¶ÇÇÑ °¡´ÉÇÏ´Ù.
* Âü°í »çÀÌÆ®:
http://www.securityfocus.com/bid/2713
http://www.packetstormsecurity.org/new-exploits/freestats-cgi.txt
http://seclists.org/bugtraq/1998/Nov/262
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Web Server |
| ÇØ°áÃ¥ |
cgi-bin µð·ºÅ丮³»¿¡ ÀÖ´Â edit.pl ÆÄÀÏÀ» Á¦°ÅÇÑ´Ù. |
| °ü·Ã URL |
(CVE) |
| °ü·Ã URL |
(SecurityFocus) |
| °ü·Ã URL |
(ISS) |
|
