| Ãë¾àÁ¡ID |
21094 |
| À§Çèµµ |
30 |
| Æ÷Æ® |
80, ... |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
CGI |
| »ó¼¼¼³¸í |
ÇØ´ç À¥¼¹ö¿¡ '/cgi-bin/visadmin.exe' CGI°¡ ¼³Ä¡µÇ¾î ÀÖ´Ù.
OmniHTTPD´Â MS Windows Ç÷§ÆûÀ» À§ÇÑ Omnicron¿¡ ÀÇÇØ Á¦°øµÈ À¥¼¹öÀÌ´Ù. ÀÌ À¥¼¹ö¿¡ ±âº»ÀûÀ¸·Î µþ·Á¼ ¼³Ä¡µÇ´Â CGI À¯Æ¿¸®Æ¼ ÁßÀÇ ÇϳªÀÎ '/cgi-bin/visadmin.exe'¿¡ ¹ö±×°¡ Æ÷ÇԵǾî ÀÖÀ¸¸ç ÀÌ ¹ö±×¸¦ ÀÌ¿ëÇϸé ÇØ´ç À¥¼¹ö¿¡ ¼ºñ½º°ÅºÎ °ø°ÝÀ» ¼öÇàÇÒ ¼ö ÀÖ´Ù. 'visadmin.exe'À» ´ÙÀ½°ú °°ÀÌ ¼öÇàÇÏ¸é ±×·± Çö»óÀÌ ¹ß»ýÇÑ´Ù.
http://omni.server/cgi-bin/visadmin.exe?user=guest
±×·¯¸é Çϵåµð½ºÅ©°¡ ²Ë Âû¶§±îÁö Àӽà ÆÄÀϵéÀÌ »ý±ä´Ù.
* Âü°í »çÀÌÆ®:
http://www.iss.net/security_center/static/2271.php
http://www.securityfocus.com/bid/1808
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Web Server |
| ÇØ°áÃ¥ |
/cgi-bin À¸·ÎºÎÅÍ visadmin.exe ÆÄÀÏÀ» »èÁ¦ÇÑ´Ù.
¡Ø Âü°í : Omnicron OmniHTTPDÀÇ 2.0 Alpha 2 release¿¡ ÀÌ ¹®Á¦°¡ fixµÈ °ÍÀ¸·Î º¸ÀδÙ. |
| °ü·Ã URL |
CVE-1999-0970 (CVE) |
| °ü·Ã URL |
(SecurityFocus) |
| °ü·Ã URL |
(ISS) |
|
