| Ãë¾àÁ¡ID |
24030 |
| À§Çèµµ |
40 |
| Æ÷Æ® |
999 |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
BackDoor |
| »ó¼¼¼³¸í |
ÇØ´ç ¼¹ö¿¡ WinSATANÀ̶ó´Â ¹éµµ¾î°¡ ¼³Ä¡µÇ¾î ÀÖ´Ù. ÀÌ ¹éµµ¾î¸¦ ÀÌ¿ëÇÏ¸é ºÎºÐÀûÀ¸·Î ÇØ´ç ¼¹ö¸¦ ¿ø°Ý¿¡¼ Á¶ÀÛÇÒ ¼ö ÀÖÀ¸¸ç Æнº¿öµå¸¦ ÈÉÃij»°Å³ª ÀÛ¾÷À» ¹æÇØÇϴµ¥ ¾²ÀÏ ¼öµµ ÀÖ´Ù.
* Âü°í »çÀÌÆ®:
http://cgi.nessus.org/plugins/dump.php3?id=10316
http://www.iss.net/security_center/reference/vuln/SatansBackdoor.htm |
| ÇØ°áÃ¥ |
RegEdit¸¦ »ç¿ëÇؼ HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run¿¡ ÀÖ´Â "RegisterServiceBackUp"¸¦ ã´Â´Ù. ±× °ª¿¡ ÀÖ´Â Path°¡ ¹éµµ¾î ÆÄÀÏÀÌ Á¸ÀçÇÏ´Â À§Ä¡ÀÌ´Ù. WinSATAN¿¡ °¨¿°ÀÌ µÇ¸é ·¹Áö½ºÆ®¸® °ªÀº "fs-backup.exe"¶ó ¸í¸íµÈ´Ù. |
| °ü·Ã URL |
(CVE) |
| °ü·Ã URL |
(SecurityFocus) |
| °ü·Ã URL |
(ISS) |
|
