| Ãë¾àÁ¡ID |
21127 |
| À§Çèµµ |
30 |
| Æ÷Æ® |
80, ... |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
CGI |
| »ó¼¼¼³¸í |
IIS ¼¹ö¿¡ ¿¹Á¦ ÆÄÀϵéÀÎ "ExAir" ÆäÀÌÁöµéÀÌ Á¸ÀçÇÑ´Ù.
- /iissamples/exair/search/query.asp
- /iissamples/exair/search/advsearch.asp
- /iissamples/exair/search/search.asp
ÀÌ·¯ÇÑ ¿¹Á¦ ÆäÀÌÁöµé¿¡´Â ¼ºñ½º °ÅºÎ °ø°ÝÀÌ Á¸ÀçÇÑ´Ù. ¸¸¾à ExAir active server pageµéÀÌ main ÆäÀÌÁö¸¦ ÅëÇÑ È£Ãâ¾øÀÌ Á÷Á¢ÀûÀ¸·Î È£ÃâµÈ´Ù¸é ±× ÆäÀÌÁöµéÀº DLLµéÀ» ¿Ã¹Ù¸£°Ô load ÇÏÁö ¸øÇÑ´Ù. °á°úÀûÀ¸·Î IIS ¼¹ö´Â ÀÛµ¿ÀÌ ¸ØÃß¸é¼ CPU »ç¿ëÀ²À» 100 %·Î ¿Ã·Á ³õ´Â´Ù.
* Âü°í »çÀÌÆ®:
http://www.iss.net/security_center/static/2229.php
http://archives.neohapsis.com/archives/bugtraq/1999_1/0336.html
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Microsoft IIS Server |
| ÇØ°áÃ¥ |
¿¹Á¦ IIS site ÆäÀÌÁöµéÀ» »èÁ¦ÇØ¾ß ÇÑ´Ù. (Windows NT Option Pack 4 Setup¿¡ ÀÚ¼¼ÇÑ ³»¿ëÀÌ ÀÖ´Ù) |
| °ü·Ã URL |
CVE-1999-0449 (CVE) |
| °ü·Ã URL |
(SecurityFocus) |
| °ü·Ã URL |
(ISS) |
|
