| Ãë¾àÁ¡ID |
27066 |
| À§Çèµµ |
40 |
| Æ÷Æ® |
135 |
| ÇÁ·ÎÅäÄÝ |
TCP |
| ºÐ·ù |
WMI |
| »ó¼¼¼³¸í |
´ë·®ÀÇ ÆÄÀÏ ¾÷·Îµå ¹× ´Ù¿î·Îµå·Î ÀÎÇÏ¿© ¼ºñ½º ºÒ´É»óÅ°¡ ¹ß»ýÇÒ ¼ö ÀÖÀ¸¹Ç·Î ºÒÇÊ¿äÇÑ ¾÷·Îµå ¹× ´Ù¿î·ÎµåÀÇ ¿ë·®À» Á¦ÇÑÇÏ¿©¾ß ÇÔ. ¶ÇÇÑ, ´ë·®ÀÇ ÆÄÀÏ ¿ë·®À» Çã¿ëÇÒ °æ¿ì À¥ Ãë¾àÁ¡À¸·Î ÀÎÇÏ¿© Áß¿ä Á¤º¸°¡ ´ë·®À¸·Î À¯ÃâµÉ À§Ç輺ÀÌ ÀÖÀ½.
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Microsoft IIS Server |
| ÇØ°áÃ¥ |
[Windows Server 2003]
1. ½ÃÀÛ> ½ÇÇà> SERVICES.MSC> IISADMIN> ¼Ó¼º> [ÀϹÝ] ÅÇ¿¡¼ ¼ºñ½º ÁßÁö
2. %systemroot%\system32\inetsrv\MetaBase.xml ÆÄÀÏÀ» ã¾Æ ÆíÁý±â·Î OPEN
3. AspMaxRequestEntityAllowed °ªÀ» ã¾Æ ÆÄÀÏ ¾÷·Îµå ¿ë·®À» ÃÖ¼Ò ¹üÀ§·Î Á¦ÇÑ
4. AspBufferingLimit °ªÀ» ã¾Æ ÆÄÀÏ ´Ù¿î·Îµå ¿ë·®À» ÃÖ¼Ò ¹üÀ§·Î Á¦ÇÑ
5. ½ÃÀÛ> ½ÇÇà> SERVICES.MSC> IISADMIN> ¼Ó¼º> [ÀϹÝ] ÅÇ¿¡¼ ¼ºñ½º ½ÃÀÛ
¡Ø Default ¼³Á¤ °ª
(1) maxAllowedContentLength (ÄÜÅÙÃ÷ ¿ë·®) => Default: 30MB
(2) MaxRequestEntityAllowed (ÆÄÀÏ ¾÷·Îµå ¿ë·®) => Default: 200000 byte
(3) bufferingLimit (ÆÄÀÏ ´Ù¿î·Îµå ¿ë·®)=> Default: 4MB(4194304 byte)
[Windows Server 2008, 2012, 2016, 2019]
1. µî·ÏµÈ À¥ »çÀÌÆ®ÀÇ ·çÆ® µð·ºÅ͸®¿¡ ÀÖ´Â web.config ÆÄÀÏ ³» ¾Æ·¡ Ç׸ñ Ãß°¡
(web.config ÆÄÀÏÀÌ ¾øÀ¸¸é »çÀÌÆ® Ȩ µð·ºÅ͸®¿¡ »õ·Î »ý¼º)
-------------------------------------------------------------------------------------------
web.config ÆÄÀÏ
<configuration>
<system.webServer>
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="ÄÜÅÙÃ÷¿ë·®" />
</requestFiltering>
</security>
</system.webServer>
</configuration>
-------------------------------------------------------------------------------------------
%systemroot%\system32\inetsrv\config\applicationHost.config ÆÄÀÏ ³» ¾Æ·¡ Ç׸ñ Ãß°¡
-------------------------------------------------------------------------------------------
<system.webServer>
<asp>
<limits bufferingLimit="ÆÄÀÏ´Ù¿î·Îµå¿ë·®" maxRequestEntityAllowed="ÆÄÀϾ÷·Îµå¿ë·®"/>
</asp>
</system.webServer>
-------------------------------------------------------------------------------------------
Default ¼³Á¤ °ª
(1) maxAllowedContentLength (ÄÜÅÙÃ÷ ¿ë·®) -> Default 30MB
(2) MaxRequestEntityAllowed (ÆÄÀÏ ¾÷·Îµå ¿ë·®) -> Default 200000 byte
(3) bufferingLimit (ÆÄÀÏ ´Ù¿î·Îµå ¿ë·®) -> Default 4MB(4194304 byte) |
| °ü·Ã URL |
(CVE) |
| °ü·Ã URL |
(SecurityFocus) |
| °ü·Ã URL |
(ISS) |
|
