| Ãë¾àÁ¡ID |
21295 |
| À§Çèµµ |
40 |
| Æ÷Æ® |
80, ... |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
CGI |
| »ó¼¼¼³¸í |
ÇØ´ç À¥ ¼¹ö¿¡ ¼³Ä¡µÇ¾î ÀÖ´Â Coppermine Photo Gallery´Â ´ÙÁßÀÇ Ãë¾àÁ¡µé¿¡ Ãë¾àÇÏ´Ù.
Gregory Demar¿¡ ÀÇÇØ °³¹ßµÈ Coppermine Photo Gallery´Â MySQL µ¥ÀÌÅͺ£À̽º¸¦ »ç¿ëÇÏ´Â ¹«·á·Î »ç¿ë °¡´ÉÇÑ PHP ±â¹ÝÀÇ À̹ÌÁö °¶·¯¸® ½ºÅ©¸³Æ®ÀÌ´Ù. Coppermine Photo Gallery ¹öÀü 1.2.2b ±×¸®°í 1.2.0 RC4¿¡´Â ´Ù¼öÀÇ Ãë¾àÁ¡µéÀÌ º¸°í µÇ¾ú´Ù. ¿ø°ÝÁöÀÇ °ø°ÝÀÚ´Â ´ë»ó ½Ã½ºÅÛ »ó¿¡¼ ÀÓÀÇÀÇ PHP Äڵ带 ½ÇÇà½ÃÅ°°í Cross-Site Scripting °ø°ÝµéÀ» ¼öÇàÇÒ ¼ö ÀÖÀ¸¸ç ¼³Ä¡ °æ·Î¸íÀ» ¾Ë¾Æ³¾ ¼ö ÀÖ´Ù. ¶ÇÇÑ PHP-Nuke °ü¸®ÀÚ ±ÇÇÑÀ» °¡Áø ¿ø°ÝÁöÀÇ °ø°ÝÀÚ´Â ½Ã½ºÅÛ »ó¿¡ ÀÓÀÇÀÇ Shell ¸í·ÉµéÀ» ½ÇÇà½Ãų ¼öµµ ÀÖ´Ù.
* Âü°í »çÀÌÆ®:
http://secunia.com/advisories/11524/
http://www.securitytracker.com/alerts/2004/Apr/1010001.html
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Gregory Demar, Coppermine Photo Gallery 1.2.0 RC4
Gregory Demar, Coppermine Photo Gallery 1.2.2b
Microsoft Windows Any version
Unix Any version |
| ÇØ°áÃ¥ |
2014³â 6¿ù ÇöÀç ÀÌ Ãë¾àÁ¡¿¡ ´ëÇÑ ÆÐÄ¡³ª ¾÷±×·¹À̵å´Â ³ª¿Í ÀÖÁö ¾Ê´Ù. |
| °ü·Ã URL |
CVE-2004-1985,CVE-2004-1986,CVE-2004-1987,CVE-2004-1988,CVE-2004-1989 (CVE) |
| °ü·Ã URL |
10253 (SecurityFocus) |
| °ü·Ã URL |
16039,16040,16041,16042,16043 (ISS) |
|
