| Ãë¾àÁ¡ID |
22010 |
| À§Çèµµ |
40 |
| Æ÷Æ® |
80, ¡¦ |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
WWW |
| »ó¼¼¼³¸í |
SSL Handshake Patch°¡ Àû¿ëµÈ Enterprise ¼¹ö 3.6 SP2Àº ¿ø°ÝÁö·Î ºÎÅÍÀÇ ¹öÆÛ ¿À¹öÇÃ·Î¿ì °ø°Ý¿¡ Ãë¾àÇÏ´Ù. Ŭ¶óÀ̾ðÆ®°¡ º¸³»´Â Accept Çì´õ¸¦ ¼¹ö°¡ ´Ù·ç´Â °úÁ¤¿¡¼ HoleÀÌ ÀÖÀ¸¸ç, ±× Ãë¾àÁ¡Àº ¿ø°ÝÁöÀÇ Attackerµé¿¡°Ô ¼ºñ½º °ÅºÎ °ø°ÝÀ» Çã¿ëÇϰųª À¥¼¹öÀÇ ±ÇÇÑÀ¸·Î ½Ã½ºÅÛ³»ÀÇ ÀÓÀÇÀÇ ¸í·ÉµéÀ» ¼öÇà½Ãų ¼ö ÀÖ°Ô ÇØ ÁØ´Ù.
¿ø°ÝÁö¿¡¼ ´ÙÀ½°ú °°ÀÌ "Accept:" ¸í·É¿¡ ¾ÆÁÖ ±ä Àμö¸¦ ÁÙ ¶§ À¥¼¹ö´Â Crash°¡ ³´Ù.
GET / HTTP/1.0
Accept: <thousands of chars>/gif
* Âü°í »çÀÌÆ®:
http://www.iss.net/security_center/static/3256.php
http://www.securityfocus.com/bid/631 |
| ÇØ°áÃ¥ |
Netscape Communications»ó¿¡ ¹®ÀÇÇÏ¿© ÆÐÄ¡¸¦ ¼³Ä¡ÇÏ¿©¾ß ÇÑ´Ù. |
| °ü·Ã URL |
CVE-1999-0751 (CVE) |
| °ü·Ã URL |
(SecurityFocus) |
| °ü·Ã URL |
(ISS) |
|
