| Ãë¾àÁ¡ID |
21107 |
| À§Çèµµ |
40 |
| Æ÷Æ® |
80, ... |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
CGI |
| »ó¼¼¼³¸í |
ÇØ´ç À¥¼¹ö´Â O'Reilly WebSiteÀÎ °ÍÀ¸·Î º¸À̸ç '/cgi-dos/args.bat' CGI°¡ ÀνºÅçµÇ¾î ÀÖ´Ù.
O'Reilly WebSite 2.0 ÀÌÀü ¹öÀüµé¿¡ Æ÷ÇÔµÈ args.bat ÇÁ·Î±×·¥Àº attacker°¡ httpd µ¥¸óÀÇ ±ÇÇÑÀ» °¡Áö°í À¥¼¹ö³»ÀÇ ÀÓÀÇÀÇ ¸í·ÉÀ» ¼öÇàÇÒ ¼ö Ãë¾àÁ¡À» °¡Áö°í ÀÖ´Ù.
´ÙÀ½°ú °°ÀÌ Çϸé Ãë¾àÁ¡ÀÌ ÀÖ´ÂÁö ¿©ºÎ¸¦ Å×½ºÆ®ÇØ º¼ ¼ö ÀÖ´Ù.
http://website.host/cgi-dos/args.bat?"&any+dos+command"
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Web Server |
| ÇØ°áÃ¥ |
CGI µð·ºÅ丮µé·Î ºÎÅÍ '/cgi-dos/args.bat' ÆÄÀÏÀ» Æ÷ÇÔÇÑ ¿¹Á¦ ÇÁ·Î±×·¥µéÀº »èÁ¦ÇÏ¿©¾ß ÇÑ´Ù. ±×¸®°í ¼¹ö´Â WebsiteÀÇ °¡Àå ÃֽŠ¹öÀüÀ¸·Î ¾÷±×·¹À̵åÇÑ´Ù. |
| °ü·Ã URL |
CVE-1999-1180 (CVE) |
| °ü·Ã URL |
(SecurityFocus) |
| °ü·Ã URL |
(ISS) |
|
