| Ãë¾àÁ¡ID |
21186 |
| À§Çèµµ |
20 |
| Æ÷Æ® |
80, ... |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
WWW |
| »ó¼¼¼³¸í |
IIS 4.0¼¹ö´Â ½ÇÁ¦ Á¸ÀçÇÏÁö ¾Ê´Â .ida ȤÀº .idq ȤÀº .idc È®ÀåÀÚ¸¦ °¡Áø ÆÄÀÏ¿¡ ´ëÇØ request¸¦ ÇÒ °æ¿ì, Document rootÀÇ ½ÇÁ¦ Æнº¸íÀ» º¸¿©ÁÖ´Â Ãë¾àÁ¡ÀÌ ÀÖ´Ù. ÀÌ Á¤º¸´Â Attacker¿¡°Ô À¯¿ëÇÑ Á¤º¸°¡ µÇ¾î º¸´Ù Á¤È®ÇÑ °ø°ÝÀ» °¡´ÉÇÏ°Ô ÇÑ´Ù.
* Âü°í »çÀÌÆ®:
http://cgi.nessus.org/plugins/dump.php3?id=10492 |
| ÇØ°áÃ¥ |
'Preferences -> Home directory -> Application'¸¦ ¼±ÅÃÇÏ°í, ÇØ´ç ¼¹öÀÇ IISAPI ¸ÊÇο¡ ´ëÇÑ 'Check if file exists' ¹Ú½º¸¦ üũÇØ ÁØ´Ù. |
| °ü·Ã URL |
CVE-2000-0071 (CVE) |
| °ü·Ã URL |
(SecurityFocus) |
| °ü·Ã URL |
(ISS) |
|
