| Ãë¾àÁ¡ID |
21145 |
| À§Çèµµ |
30 |
| Æ÷Æ® |
80, ... |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
CGI |
| »ó¼¼¼³¸í |
ÇØ´ç À¥¼¹ö¿¡ /scripts/tools/newdsn.exe CGI ÇÁ·Î±×·¥ÀÌ ³²¾Æ ÀÖ´Ù. ÀÌ CGI´Â Cracker°¡ NTFS Æ۹̼ÇÀÌ Çã¿ëÇÏ´Â ¹üÀ§³»¿¡¼ ½Ã½ºÅÛ»óÀÇ ¾îµð¿¡¼µçÁö ÆÄÀÏÀ» »ý¼º ¶Ç´Â OverwriteÇÒ ¼ö ÀÖ´Ù.
Microsoft's Internet Information Server 3.0°ú ÇÔ²² ¼³Ä¡µÇ´Â ¿¹Á¦ ÆÄÀÏÀÎ newdsn.exeÀº attacker°¡ ÀÓÀÇÀÇ ÆÄÀÏÀ̸§À¸·Î À¥¼¹ö»ó¿¡ ÀÓÀÇÀÇ Microsoft Access files (*.mdb)¿ï »ý¼ºÇÒ ¼ö ÀÖ´Â Ãë¾àÁ¡À» °¡Áö°í ÀÖ´Ù. ½ÉÁö¾î ¾î¶² ÆÄÀÏ¸í¿¡ ¾î¶² È®ÀåÀÚ¸íÀ» °¡Áö°í ÀÖ´õ¶óµµ Microsoft Access Æ÷¸ËÀÇ ÆÄÀÏÀ» »ý¼º ¶Ç´Â OverwriteÇÒ ¼ö ÀÖ´Ù.
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Microsoft IIS Server |
| ÇØ°áÃ¥ |
/scripts/tools/newdsn.exe ÆÄÀÏÀ» »èÁ¦ÇÑ´Ù. |
| °ü·Ã URL |
CVE-1999-0191 (CVE) |
| °ü·Ã URL |
1818 (SecurityFocus) |
| °ü·Ã URL |
1530 (ISS) |
|
