Vulnerability ID: 28028
Risk level: 30
Port: 139,445
Protocol: TCP
Category: SMB
Detailed description: The Windows registry key 'HKLM\CurrentControlSet\Control\SecurePipeServers\winreg' is writable with non-administrator privileges. The security permissions on this key define the users and groups that can connect to the system to access the registry remotely.
In a default installation, Microsoft Windows NT 3.51 and Windows NT 4.0 versions prior to Service Pack 3 allow any user to connect to the registry remotely. Installing Microsoft Exchange Server 2000 also changes this key so that it is writable by everyone. Remote attackers can exploit this issue to modify the registry.

* Note: This check requires an account with Guest or higher privileges that can access the registry of the remote host being checked. If this condition is not met, the check cannot be performed and may report a false negative for every vulnerable host.

* References:
http://www.microsoft.com/technet/security/bulletin/MS02-003.asp
http://support.microsoft.com/default.aspx?scid=KB;en-us;q153183
http://www.securityfocus.com/bid/6830
http://www.iss.net/security_center/static/151.php

* Affected platforms:
Microsoft Exchange 2000
Windows NT Any version
Solution: Apply the patch for this vulnerability. The patch removes only the "Everyone" group's permissions on the WinReg key. All other registry permissions remain unchanged.

For Windows NT:
Obtain and apply the latest Windows NT 4.0 Service Pack (SP4 or later) from the following Windows NT service pack web page:
Microsoft no longer supports Windows NT. Contact the vendor to upgrade to a service pack (SP4 or later).

For Microsoft Exchange Server 2000:
Apply the appropriate patch as described in Microsoft Security Bulletin MS02-003:
http://www.microsoft.com/technet/security/bulletin/MS02-003.asp

-- AND --

Using Registry Editor, set the permissions on HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\Winreg so that only Administrators are allowed access. If this key does not exist, create it and then apply the permissions.

To restrict registry access:

1. Open Registry Editor. From the Windows NT/2000 Start menu, select 'Run' and type regedt32. Then click 'OK'.
2. Navigate to the HKLM\SYSTEM\CurrentControlSet\Control\SecurePipeServers\Winreg registry key.
3. From the Security menu, select 'Permissions'. The Registry Key Permissions dialog box is displayed.
4. Review the listed permissions and set permissions for the users who should be allowed to access the registry remotely. The default Windows setting allows remote access to the registry only for Administrators. In Windows 2000 and later, default network access to the registry is allowed only for Administrators and Backup Operators.
5. Exit Registry Editor and restart Windows.
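
The permission review in steps 2 to 4 can also be scripted. The following PowerShell is an added example, not part of the original check description; the function name Get-WinregWriteFinding and the choice of Administrators and SYSTEM as the only expected writers are assumptions.

```powershell
# Added example (not from the original page): list ACEs on the Winreg key
# that give a non-administrative principal write-type access.
$KeyPath = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg'

# Registry rights that allow changing the key or its ACL, plus the
# GENERIC_WRITE (0x40000000) and GENERIC_ALL (0x10000000) bits.
$WriteRights = [System.Security.AccessControl.RegistryRights]'SetValue, CreateSubKey, CreateLink, Delete, ChangePermissions, TakeOwnership'
$WriteMask   = [int]$WriteRights -bor 0x40000000 -bor 0x10000000
$InheritOnly = [int][System.Security.AccessControl.PropagationFlags]::InheritOnly

# Assumption: only these well-known SIDs are expected to hold write access.
$TrustedSids = @(
    'S-1-5-32-544',   # BUILTIN\Administrators
    'S-1-5-18'        # NT AUTHORITY\SYSTEM
)

function Get-WinregWriteFinding {
    param([string]$Path = $KeyPath)

    if (-not (Test-Path -LiteralPath $Path)) {
        # The page's remediation for this case: create the key, then restrict it.
        return [pscustomobject]@{ Identity = '(key missing)'; Sid = $null; Rights = $null; Inherited = $null }
    }
    foreach ($ace in (Get-Acl -LiteralPath $Path).Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        # Inherit-only ACEs apply to subkeys, not to this key itself.
        if (([int]$ace.PropagationFlags -band $InheritOnly) -ne 0) { continue }
        if (([int]$ace.RegistryRights -band $WriteMask) -eq 0) { continue }

        # Compare by SID so that localized group names do not matter.
        try   { $sid = $ace.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier]).Value }
        catch { $sid = $ace.IdentityReference.Value }
        if ($TrustedSids -contains $sid) { continue }

        [pscustomobject]@{
            Identity  = $ace.IdentityReference.Value
            Sid       = $sid
            Rights    = $ace.RegistryRights
            Inherited = $ace.IsInherited
        }
    }
}

$findings = @(Get-WinregWriteFinding)
if ($findings.Count -eq 0) { 'No non-administrative write access found on the Winreg key.' }
else { $findings | Format-Table -AutoSize }
```

Run it from an elevated session on the host being reviewed. An entry for Everyone (SID S-1-1-0) in the output corresponds to the condition this check reports.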
Related URL: CVE-1999-0562, CVE-2002-0049 (CVE)
Related URL: (SecurityFocus)
Related URL: (ISS)