| Ãë¾àÁ¡ID |
21178 |
| À§Çèµµ |
30 |
| Æ÷Æ® |
80, ... |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
CGI |
| »ó¼¼¼³¸í |
ÇØ´ç À¥¼¹ö¿¡ ftp.pl CGI°¡ Á¸ÀçÇÑ´Ù. ÀÌ CGI´Â ¿ÜºÎ¿¡¼ ÀÓÀÇÀÇ µð·ºÅ丮 ³»¿ëÀ» ¸®½ºÆÃÇØ º¼ ¼ö ÀÖ°Ô ÇÑ´Ù. ¿¹¸¦µé¾î, ´ÙÀ½°ú °°ÀÌ ¿äûÀ» Çϸé
http://target/cgi-bin/ftp/ftp.pl?dir=../../../../../../etc
/etc µð·ºÅ丮ÀÇ ÆÄÀϸ®½ºÆ®¸¦ º¼ ¼ö ÀÖ´Ù.
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
¸ðµç HTTP ¼¹ö ¸ðµç ¹öÀü
¸ðµç ¿î¿µÃ¼Á¦ ¸ðµç ¹öÀü |
| ÇØ°áÃ¥ |
/cgi-bin µð·ºÅ丮³»¿¡ ftp.pl ÆÄÀÏÀ» »èÁ¦ÇÑ´Ù. |
| °ü·Ã URL |
CVE-2000-0674 (CVE) |
| °ü·Ã URL |
1471 (SecurityFocus) |
| °ü·Ã URL |
5187 (ISS) |
|
