Vulnerability ID: 23029
Risk level: 40
Port: 7100
Protocol: TCP
Category: X11
Detailed description: Some version of the XFS daemon appears to be running on this host. The X Font Servers shipped by many vendors are vulnerable to a remote buffer overflow attack. A remotely exploitable buffer overflow vulnerability has been reported in fs.auto, an implementation of the X Window Font Service (XFS) used by many vendors. By sending a crafted XFS query to a vulnerable system, a remote attacker can overflow a buffer in the fs.auto Dispatch() routine and either execute arbitrary code on the server with the privileges of the "nobody" user or crash the service.

* Note: This check does not perform an actual test for the vulnerability; it only confirms whether the xfs daemon is present. It may therefore produce false positives.

* Reference sites:
http://www.cert.org/advisories/CA-2002-34.html
http://www.kb.cert.org/vuls/id/312313

* Affected platforms:
XFree86 X11R6 3.3
XFree86 X11R6 3.3.2
XFree86 X11R6 3.3.3
XFree86 X11R6 3.3.4
XFree86 X11R6 3.3.5
HP HP-UX 10.xx ~ 11.xx
Sun Solaris 2.5.1, 2.6, 7, 8, 9
IBM AIX 4.3, 5.1, 5.2
Solution: For Sun Solaris systems:
Apply the appropriate patch to the system, referring to the following site:
http://download.oracle.com/sunalerts/1000778.1.html

For SGI IRIX 6.5.x:
Apply the appropriate patch to the system, referring to SGI security advisory 20021202-01-I:
ftp://patches.sgi.com/support/free/security/advisories/20021202-01-I

For IBM AIX 4.3, 5.1, and 5.2:
Apply the appropriate patch to the system. IBM provides the following official fixes:
APAR number for AIX 4.3.3: IY37888 (available approx. 01/29/03)
APAR number for AIX 5.1.0: IY37886 (available approx. 04/28/03)
APAR number for AIX 5.2.0: IY37889 (available approx. 04/28/03)
If the efix cannot be obtained from the website, contact the vendor to apply the efix listed above, or upgrade to the latest version of AIX.

For HP HP-UX:
Apply the appropriate patch to the system, referring to HP security bulletin HPSBUX0212-228:
http://www.securityfocus.com/advisories/4988

-- or --

If the fs.auto service is not needed, disable it. Administrators can disable it by editing the inetd configuration file (/etc/inetd.conf) and restarting the inetd process, as follows:

How to disable fs.auto on Solaris:
1. Edit the "/etc/inetd.conf" file and comment out the following line by adding a "#" character at the start of the line, as shown:
#fs stream tcp wait nobody /usr/openwin/lib/fs.auto fs
2. Tell the inetd process to re-read the newly modified "/etc/inetd.conf" file by sending it a hangup signal:
# kill -HUP <inetd process id>

* On Solaris 10 and later, the fs.auto service can be stopped as follows:
# svcadm disable svc:/application/x11/xfs:default
# pkill -x xfs
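As an added example (not part of the original check text), steps 1 and 2 of the inetd procedure above as an idempotent shell function: it comments out only the line whose service field is exactly `fs`, leaves entries that are already commented out alone, and reports whether inetd still needs a HUP. The sample inetd.conf it edits is constructed here, and the function names disable_fs_auto and active_fs_entries are assumed.

```shell
#!/bin/sh
# Added example, not from the original check: disable the fs.auto entry in an
# inetd.conf-style file as steps 1 and 2 above describe, but idempotently.
# disable_fs_auto FILE  -> returns 0 if an active "fs" line was commented out
#                          (inetd must then be sent SIGHUP), 1 if nothing changed.
disable_fs_auto() {
    conf="$1"
    tmp="${conf}.tmp.$$"
    # Only an uncommented line whose first field is exactly "fs" counts;
    # lines already starting with "#" and services such as "fsd" are left alone.
    if ! grep -q '^[[:space:]]*fs[[:space:]]' "$conf"; then
        return 1
    fi
    sed 's/^\([[:space:]]*fs[[:space:]]\)/#\1/' "$conf" > "$tmp" && mv "$tmp" "$conf"
}

# Number of active (uncommented) fs entries left; 0 means inetd will no
# longer start fs.auto once it re-reads the file.
active_fs_entries() {
    grep -c '^[[:space:]]*fs[[:space:]]' "$1" || true
}

# Demonstration on a constructed sample file, not a live /etc/inetd.conf.
demo_dir=$(mktemp -d)
cat > "$demo_dir/inetd.conf" <<'EOF'
ftp     stream  tcp  nowait  root    /usr/sbin/in.ftpd         in.ftpd
fs      stream  tcp  wait    nobody  /usr/openwin/lib/fs.auto  fs
#fs     stream  tcp  wait    nobody  /usr/openwin/lib/fs.auto  fs
EOF
if disable_fs_auto "$demo_dir/inetd.conf"; then
    echo "fs entry commented out; now run: kill -HUP <inetd process id>"
fi
echo "active fs entries remaining: $(active_fs_entries "$demo_dir/inetd.conf")"
rm -rf "$demo_dir"
```

Running it a second time on the same file returns 1, so a change-management script can tell an already-hardened host from one that still needs inetd restarted.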
Related URL: CVE-2002-1317 (CVE)
Related URL: 6241 (SecurityFocus)
Related URL: 10375 (ISS)