Ãë¾àÁ¡ID |
25076 |
À§Çèµµ |
30 |
Æ÷Æ® |
3306 |
ÇÁ·ÎÅäÄÝ |
TCP |
ºÐ·ù |
DB |
»ó¼¼¼³¸í |
ÇØ´ç È£½ºÆ®¿¡´Â 5.1.26 ÀÌÀüÀÇ MySQLÀÇ ¾î¶² ¹öÀüÀÌ °¡µ¿ ÁßÀÌ´Ù. MySQL 5.1.26 ÀÌÀüÀÇ 5.1.x ¹öÀüµéÀº ¼ºñ½º °ÅºÎ Ãë¾àÁ¡¿¡ Ãë¾àÇÏ´Ù. °ø°ÝÀÚ´Â ºó ºñÆ® ½ºÆ®¸µ literal (b') ¸¦ 'Item_bin_string::Item_bin_string' ¸¦ ÀÌ¿ëÇÏ¿© ´Ù·ê¶§ SELECT ±¸¹®¿¡¼ ¼¹öÅ©·¡½¬°¡ ¹ß»ýÇØ ¼ºñ½º¸¦ °ÅºÎÇÏ°Ô ¸¸µé¼ö ÀÖ´Ù.
* ¾Ë¸²: ÀÌ Á¡°ËÇ׸ñÀº ÀÌ Ãë¾àÁ¡À» Á¡°ËÇϱâ À§ÇØ ÇØ´ç MySQLÀÇ ¹è³Ê Á¤º¸¸¸À» È®ÀÎÇÑ´Ù. µû¶ó¼ °ÅÁþ ¾ç¼º¹ÝÀÀ(False Positive)À» º¸ÀÏ ¼ö ÀÖ´Ù.
* Âü°í »çÀÌÆ®: http://bugs.mysql.com/bug.php?id=35658 http://dev.mysql.com/doc/refman/5.1/en/news-5-1-26.html http://www.openwall.com/lists/oss-security/2008/09/09/4 http://www.openwall.com/lists/oss-security/2008/09/09/7
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû: MySQL 5.1.26 ÀÌÀüÀÇ 5.1.x ¹öÀüµé ¸ðµç ¿î¿µÃ¼Á¦ ¸ðµç ¹öÀü |
ÇØ°áÃ¥ |
MySQL À¥ »çÀÌÆ®ÀÎ http://www.mysql.com/ ¿¡¼ ±¸ÇÒ ¼ö ÀÖ´Â MySQLÀÇ °¡Àå ÃֽŠ¹öÀü(5.1.26 ȤÀº ÀÌÈÄ)À¸·Î ¾÷±×·¹À̵å ÇÏ¿©¾ß ÇÑ´Ù. |
°ü·Ã URL |
CVE-2008-3963 (CVE) |
°ü·Ã URL |
31081 (SecurityFocus) |
°ü·Ã URL |
(ISS) |
|