| Ãë¾àÁ¡ID |
22344 |
| À§Çèµµ |
30 |
| Æ÷Æ® |
80, ... |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
WWW |
| »ó¼¼¼³¸í |
ÇØ´ç WebSphere Application Server´Â Á¸ÀçÇÏÁö ¾Ê´Â È£½ºÆ®¸íÀ» ÅëÇÑ JSP ¼Ò½º ÄÚµå ³ëÃâ Ãë¾àÁ¡¿¡ Ãë¾àÇÏ´Ù. IBM WebSphere Application Server 6.0 ÀÌÇÏÀÇ ¹öÀüµéÀº ¿ø°ÝÁöÀÇ °ø°ÝÀÚ°¡ ´Ù¾çÇÑ JSP(JavaServer Pages) ½ºÅ©¸³Æ®µéÀÇ ¼Ò½º Äڵ带 º¼ ¼ö ÀÖ°Ô ÇØ ÁÙ ¼ö ÀÖ´Ù. ¹®Á¦´Â À¥ ¼¹öÀÇ Document root°¡ ¾îÇø®ÄÉÀÌ¼Ç ¼¹öÀÇ Document root¿Í µ¿ÀÏÇÑ À§Ä¡ÀÇ ¾î¶² ȯ°æ¼³Á¤¿¡¼ ¿äûÀÇ Ã³¸® °úÁ¤¿¡ ÀÖ´Â ¿¡·¯°¡ ¿øÀÎÀÌ µÈ´Ù. ÀÌ´Â "Host" HTTP Çì´õ¿¡ Á¸ÀçÇÏÁö ¾Ê´Â È£½ºÆ®¸íÀ» °¡Áø Àß Á¶ÀÛµÈ ¿äûÀ» º¸³¿À¸·Î½á JSP ½ºÅ©¸³Æ®µéÀÇ ¼Ò½º Äڵ带 ³ëÃâ½ÃÅ°´Â µ¥ µµ¿ëµÉ ¼ö ÀÖ´Ù.
* Âü°í »çÀÌÆ®:
http://secunia.com/advisories/14962/
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
IBM WebSphere Application Server 6.0 ÀÌÇÏÀÇ ¹öÀüµé
¸ðµç ¿î¿µÃ¼Á¦ ¸ðµç ¹öÀü |
| ÇØ°áÃ¥ |
IBM WebSphere Application Server À¥ ÆäÀÌÁöÀÎ http://www-306.ibm.com/software/webservers/appserv/was/ ¿¡¼ ÃֽŠ¹öÀüÀÇ WebSphere Application Server·Î ¾÷±×·¹À̵å ÇÏ¿©¾ß ÇÑ´Ù. |
| °ü·Ã URL |
CVE-2005-1112 (CVE) |
| °ü·Ã URL |
13160 (SecurityFocus) |
| °ü·Ã URL |
20099 (ISS) |
|
