English
¢¸¢· µÚ·Î
Ãë¾àÁ¡ID 23326
À§Çèµµ 40
Æ÷Æ® 139
ÇÁ·ÎÅäÄÝ TCP
ºÐ·ù Samba
»ó¼¼¼³¸í ¿ø°Ý È£½ºÆ®¿¡¼­ ½ÇÇàµÇ´Â Samba ¹öÀüÀº 4.13.x ÀÌÀü 4.13.14, 4.14.x ÀÌÀü 4.14.10 ¶Ç´Â 4.15.x ÀÌÀü 4.15.2ÀÔ´Ï´Ù. µû¶ó¼­ °ø±Þ¾÷ü ±Ç°í¿¡ ¾ð±ÞµÈ ¿©·¯ Ãë¾àÁ¡ÀÇ ¿µÇâÀ» ¹ÞÀ» ¼ö ÀÖ½À´Ï´Ù.

- °ø°ÝÀÚ´Â Çù»óµÈ SMB1 Ŭ¶óÀ̾ðÆ® ¿¬°áÀ» ´Ù¿î±×·¹À̵åÇÒ ¼ö ÀÖ½À´Ï´Ù. (CVE-2016-2124)

- Active Directory µµ¸ÞÀÎ ÄÁÆ®·Ñ·¯·Î¼­ÀÇ Samba´Â ´ÙÀ½À» Áö¿øÇÒ ¼ö ÀÖ½À´Ï´Ù. RODC´Â µµ¸ÞÀο¡¼­ ÃÖ¼ÒÇÑÀÇ ±ÇÇÑÀ» °®±â À§ÇÑ °ÍÀÔ´Ï´Ù. ±×·¯³ª Samba ¶Ç´Â Windows RODC¿¡¼­ ƼÄÏÀ» ¼ö¶ôÇÒ ¶§ Samba´Â RODC°¡ ±×·¯ÇÑ Æ¼ÄÏÀ» ÀμâÇÒ ±ÇÇÑÀÌ ÀÖ´ÂÁö È®ÀÎÇÏÁö ¾Ê¾Ò½À´Ï´Ù. µû¶ó¼­ RODC¿¡¼­ °ü¸®ÀÚ Æ¼ÄÏÀ» ÀμâÇÒ ¼ö ÀÖ½À´Ï´Ù. (CVE-2020-25718)

* Âü°í »çÀÌÆ®:
https://www.samba.org/samba/history/security.html
https://www.samba.org/samba/security/CVE-2016-2124.html
https://www.samba.org/samba/security/CVE-2020-25717.html
https://www.samba.org/samba/security/CVE-2020-25718.html
https://www.samba.org/samba/security/CVE-2020-25719.html
https://www.samba.org/samba/security/CVE-2020-25721.html
https://www.samba.org/samba/security/CVE-2020-25722.html
https://www.samba.org/samba/security/CVE-2021-3738.html
https://www.samba.org/samba/security/CVE-2021-23192.html

* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Samba Project, Samba 4.13.14 ÀÌÀüÀÇ 4.13.x ¹öÀü
Linux Any version
Unix Any version
ÇØ°áÃ¥ Samba À¥ »çÀÌÆ®ÀÎ https://www.samba.org/samba/download/¿¡¼­ ±¸ÇÒ ¼ö ÀÖ´Â SambaÀÇ °¡Àå ÃֽŠ¹öÀü (4.13.14 ȤÀº ÀÌÈÄ ¹öÀü)À¸·Î ¾÷±×·¹À̵å ÇÏ¿©¾ß ÇÑ´Ù.
°ü·Ã URL CVE-2016-2124,CVE-2020-25717,CVE-2020-25718,CVE-2020-25719,CVE-2020-25721,CVE-2020-25722,CVE-2021-23192,CVE-2021-3738 (CVE)
°ü·Ã URL (SecurityFocus)
°ü·Ã URL (ISS)