| 
   
            
 	            | Ãë¾àÁ¡ID | 23155 |   
 	            | À§Çèµµ | 40 |  
 	            | Æ÷Æ® | 5250 |  	
 	            | ÇÁ·ÎÅäÄÝ | TCP |  	
 	            | ºÐ·ù | CGI |  	
 	            | »ó¼¼¼³¸í | CA iGatewayÀÇ ¹öÀü¿¡ µû¸£¸é ÇØ´ç ¼ºñ½º¿¡´Â Content-Length Çì´õ Çʵ带 ÅëÇÑ ¹öÆÛ ¿À¹öÇ÷οì Ãë¾àÁ¡¿¡ Á¸ÀçÇÑ´Ù. iTechnology iGateway 4.0.051230 ÀÌÀüÀÇ ¹öÀüµé¿¡ ÀÖ´Â, ´Ù¾çÇÑ Computer Associates (CA) iTechnology Á¦Ç°µéÀ» À§ÇÑ iGateway ¼ºñ½º´Â À½¼öÀÇ HTTP Content-Length °ªµé¿¡ ´ëÇÑ ºÎÀûÀýÇÑ Ã³¸®·Î ÀÎÇÏ¿© Èü ±â¹ÝÀÇ ¹öÆÛ ¿À¹öÇ÷οì Ãë¾àÁ¡¿¡ Ãë¾àÇÏ´Ù. À½¼öÀÇ Content-Length Àμö¸¦ °¡Áø Àß Á¶ÀÛµÈ HTTP ¿äûÀ» Æ÷Æ® 5250 ¹øÀ¸·Î º¸³¿À¸·Î½á, ¿ø°ÝÁöÀÇ °ø°ÝÀÚ´Â ÀÌ °áÇÔÀ» µµ¿ëÇÒ ¼ö ÀÖÀ¸¸ç ¿µÇâÀ» ¹Þ´Â È£½ºÆ® »ó¿¡ ÀÓÀÇÀÇ Äڵ带 ½ÇÇà½Ãų ¼ö ÀÖ´Ù. 
 * Âü°í »çÀÌÆ®:
 http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp
 http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041683.html
 
 * ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
 ´Ù¼öÀÇ Computer AssociatesÀÇ Á¦Ç°µé
 ¸ðµç ¿î¿µÃ¼Á¦ ¸ðµç ¹öÀü
 |  	
 	            | ÇØ°áÃ¥ | ´ÙÀ½ Computer AssociatesÀÇ ÆÐÄ¡ ´Ù¿î·Îµå À¥ »çÀÌÆ®¿¡¼ ±¸ÇÒ ¼ö ÀÖ´Â ÀÌ Ãë¾àÁ¡À» À§ÇÑ ÀûÀýÇÑ ÆÐÄ¡(iGateway ¹öÀü 4.0.051230 ȤÀº ÀÌÈÄ)¸¦ Àû¿ëÇÏ¿©¾ß ÇÑ´Ù: http://supportconnectw.ca.com/public/ca_common_docs/igatewaypatch_index.asp
 |  	
 	            | °ü·Ã URL | CVE-2005-3653 (CVE) |  	
 	            | °ü·Ã URL | 16354 (SecurityFocus) |  
 	            | °ü·Ã URL | 24269 (ISS) |  |