Vulnerability ID: 23024
Risk level: 40
Port: 139
Protocol: TCP
Category: Samba
Detailed description: This version of the Samba server is vulnerable to a remote file creation vulnerability.
A remote attacker can use a NetBIOS name containing Unix pathname characters, which is then substituted for the %m macro defined in smb.conf. This can be used to make Samba create its log file on top of an important system file, which in turn means it can be used to compromise the target server.
The most commonly used configuration option that is vulnerable to this attack is the "log file" option. The default value for this option is VARDIR/log.smbd. If the default value is used, the server is not vulnerable to this attack.
The vulnerability arises when the log file option is set as follows:

log file = /var/log/samba/%m.log

In this case an attacker can create a symbolic link locally in order to overwrite arbitrary files on the system; this requires local access to the server. An attacker can use this flaw to remotely overwrite, or append data to, a file of their choosing.
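
The following Python sketch is an added example, not part of the original scanner entry or of Samba itself: it reads smb.conf text, reports whether the log file option uses %m as described above, and shows why a client name containing path characters makes the expanded log path leave the log directory. The sample configuration and client names are constructed, and the function names are hypothetical.

```python
import posixpath
import re

# Constructed sample smb.conf, not taken from a real host.
SAMPLE_CONF = """\
[global]
   workgroup = EXAMPLE
   ; per-client logs, the setting the entry warns about
   log file = /var/log/samba/%m.log
"""

def log_file_setting(conf_text):
    """Return the value of 'log file' from smb.conf text, or None if unset."""
    value = None
    for line in conf_text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":      # blank line or comment
            continue
        key, sep, val = line.partition("=")  # only the first '=' is significant
        # smb.conf parameter names ignore case and embedded whitespace
        if sep and re.sub(r"\s+", "", key).lower() == "logfile":
            value = val.strip()              # a later setting overrides an earlier one
    return value

def expanded_path(template, netbios_name):
    """Substitute %m with the client-supplied name unfiltered, then normalise."""
    return posixpath.normpath(template.replace("%m", netbios_name))

def stays_in_log_dir(template, netbios_name):
    """True if the expanded log path is still inside the template's directory."""
    log_dir = posixpath.dirname(template)
    path = expanded_path(template, netbios_name)
    return posixpath.commonpath([log_dir, path]) == log_dir

def audit(conf_text):
    """Classify a configuration according to the description above."""
    setting = log_file_setting(conf_text)
    if setting is None:
        return "ok: default log file (VARDIR/log.smbd) in use"
    if "%m" in setting:
        return "review: log file uses %m (" + setting + ")"
    return "ok: log file has no %m macro"

if __name__ == "__main__":
    print(audit(SAMPLE_CONF))
    for name in ("WKSTN01", "../../tmp/demo"):  # constructed client names
        print(name, "->", expanded_path("/var/log/samba/%m.log", name))
```

A "review" result only means the configuration matches the pattern in this entry; whether the host is affected still depends on the installed Samba version listed below.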

* Note: This check tests for the vulnerability by looking at the version of the Samba server. It may therefore produce false positives.

Vulnerable platforms:
- Samba 2.0.9 and earlier
- Samba 2.2.0

* References:
http://online.securityfocus.com/bid/2928
http://www.iss.net/security_center/static/6731.php
Solution:
Debian Linux 2.2 (alias potato):
Refer to Debian Linux security advisory DSA-065-1 and upgrade to the latest version of samba (2.0.7-3.4 or later):
http://www.debian.org/security/2001/dsa-065

Red Hat Linux, all versions:
Refer to Red Hat security advisory RHSA-2001:086-06 and upgrade to the latest version of samba (2.0.10-0.52 or later):
http://rhn.redhat.com/errata/RHSA-2001-086.html

HP CIFS/9000 Server version A.01.07 and earlier, and HP 3000 servers using Samba/iX:
Refer to Hewlett-Packard security advisory HPSBUX0107-157 and apply the remediation it describes:
http://online.securityfocus.com/advisories/3423

HP 3000 MPE/iX servers using Samba/iX:
Refer to Hewlett-Packard security advisory HPSBMP0107-012 and apply the remediation it describes:
http://www.auscert.org.au/render.html?it=1382

SGI IRIX, all versions:
Refer to SGI security advisory 20011002-01-P and upgrade to the latest version of samba (2.2.1a or later):
ftp://patches.sgi.com/support/free/security/advisories/20011002-01-P

SuSE Linux, all versions:
Refer to SuSE security advisory SuSE-SA:2001:021 and upgrade to the latest version of samba (2.0.10-0 or later):
http://www.suse.com/support/security/advisories/

FreeBSD Ports Collection prior to 2001-06-23:
Refer to FreeBSD-SA-01:45 and upgrade to the latest version of samba (2.0.10 dated 2001-06-23 or later):
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:45.samba.asc

Other platforms:
Contact the respective vendor for upgrade or patch information, or refer to the Samba web site:
http://www.samba.org/samba/download/
Related URL: CVE-2001-1162 (CVE)
Related URL: (SecurityFocus)
Related URL: (ISS)