Ãë¾àÁ¡ID |
23231 |
À§Çèµµ |
30 |
Æ÷Æ® |
139 |
ÇÁ·ÎÅäÄÝ |
TCP |
ºÐ·ù |
Samba |
»ó¼¼¼³¸í |
¿ø°Ý È£½ºÆ®¿¡´Â 3.6.12 ÀÌÀüÀÇ 3.x Samba ¹öÀüÀÌ °¡µ¿ ÁßÀ̸ç, ´ÙÀ½ÀÇ Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù.
- SWAT ÀÎÅÍÆäÀ̽º¿¡ 'clickjacking' °ø°Ý¿¡ Ãë¾àÇÑ ¿¡·¯°¡ Á¸ÀçÇÑ´Ù. (CVE-2013-0213, Issue #9576)
- SWAT ÀÎÅÍÆäÀ̽º¿¡ cross-site request forgery (XSRF) °ø°Ý¿¡ Ãë¾àÇÑ ¿¡·¯°¡ Á¸ÀçÇÑ´Ù. (CVE-2013-0214, Issue #9577)
* ¾Ë¸²: ¸¸¾à ÀÌ Á¡°ËÇ׸ñÀÌ ÀÌ Ãë¾àÁ¡À» Á¡°ËÇϱâ À§ÇØ ÇØ´ç Samba ¼¹öÀÇ ¹öÀü Á¤º¸¸¸À» È®ÀÎÇÑ´Ù. µû¶ó¼ °ÅÁþ ¾ç¼º¹ÝÀÀ(False Positive)À» º¸ÀÏ ¼ö ÀÖ´Ù.
* Âü°í »çÀÌÆ®: http://www.samba.org/samba/security/CVE-2013-0213 http://www.samba.org/samba/security/CVE-2013-0214 http://www.samba.org/samba/history/samba-4.0.2.html
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû: Samba Project, Samba versions 3.6.12 ÀÌÀü 3.x ¹öÀüµé Linux Any version Unix Any version |
ÇØ°áÃ¥ |
Samba À¥ »çÀÌÆ®ÀÎ http://us1.samba.org/samba/ ¿¡¼ ±¸ÇÒ ¼ö ÀÖ´Â SambaÀÇ °¡Àå ÃֽŠ¹öÀü (3.6.12 ȤÀº ÀÌÈÄ ¹öÀü)À¸·Î ¾÷±×·¹À̵å ÇÏ¿©¾ß ÇÑ´Ù. |
°ü·Ã URL |
CVE-2013-0213,CVE-2013-0214 (CVE) |
°ü·Ã URL |
(SecurityFocus) |
°ü·Ã URL |
(ISS) |
|