| Ãë¾àÁ¡ID |
21158 |
| À§Çèµµ |
30 |
| Æ÷Æ® |
80, ... |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
CGI |
| »ó¼¼¼³¸í |
'ttawebtop.cgi' CGI°¡ ¼³Ä¡µÇ¾î ÀÖÀ¸¸ç µð·ºÅ丮 Ž»ö (Directory Traversal) Ãë¾àÁ¡¿¡ Ãë¾àÇÏ´Ù. ÀÌ CGI´Â Tarantella EnterpriseÀÇ ÀϺκÐÀ¸·Î ¼Õ½±°Ô ¾î¶² ¾ÖÇø®ÄÉÀ̼ÇÀÌ À¥ »ó¿¡¼ ±¸µ¿ °¡´ÉÇÏ°Ô ÇÑ´Ù.
Tarantella Enterprise ¹öÀü 3.00°ú 3.01ÀÇ ttawebtop.cgi ½ºÅ©¸³Æ®¿¡ ÀÖ´Â Ãë¾àÁ¡Àº "dot dot" ½ÃÄö½º (/../)°¡ µ¡ºÙ¿©Áø Àß Á¶ÀÛµÈ URLÀ» º¸³¿À¸·Î½á À¥¼¹ö »óÀÇ µð·ºÅ丮µéÀ» Ž»öÇÏ¿© ÀÓÀÇÀÇ ÆÄÀϵéÀ» º¼ ¼ö ÀÖµµ·Ï ÇØ ÁØ´Ù.
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Web Server |
| ÇØ°áÃ¥ |
Tarantella Enterprise´Â ´õ ÀÌ»ó Áö¿øµÇÁö ¾Ê´Â´Ù. ´Ù¸¥ ¼Ö·ç¼ÇÀ¸·Î ´ëüÇÒ °ÍÀ» ±Ç°íÇÑ´Ù. |
| °ü·Ã URL |
CVE-2001-0805 (CVE) |
| °ü·Ã URL |
2890 (SecurityFocus) |
| °ü·Ã URL |
6723 (ISS) |
|
