English
¢¸¢· µÚ·Î
Ãë¾àÁ¡ID 28134
À§Çèµµ 40
Æ÷Æ® 139,445
ÇÁ·ÎÅäÄÝ TCP
ºÐ·ù SMB
»ó¼¼¼³¸í BlackBerry Enterprise ServerÀÇ ¹öÀü Á¤º¸¿¡ µû¸£¸é ÇØ´ç ¼­¹ö¿¡´Â ´ÙÁßÀÇ ¹öÆÛ ¿À¹öÇ÷οì Ãë¾àÁ¡µéÀÌ Á¸ÀçÇÑ´Ù. BlackBerry Attachment Service´Â RIM(Research in Motion) BlackBerry Enterprise ServerÀÇ ±¸¼º¿ä¼ÒÀÌ´Ù. BlackBerry Attachment Service´Â BlackBerry ¼ÒÇü±â±âµé°ú ´Ù¸¥ BlackBerry Ŭ¶óÀ̾ðÆ® Àåºñµé »ó¿¡¼­ email ÷ºÎ·Î¼­ º¸³½ ¾î¶² Á¾·ùÀÇ ÆÄÀϵéÀ» µð½ºÇ÷¹ÀÌÇÏ°Ô ÇØ ÁØ´Ù. RIM BlackBerry Enterprise ServerÀÇ IBM Lotus Domino¸¦ À§ÇÑ SP3 Hotfix 4 ÀÌÀüÀÇ 2.2°ú 4.0 ¹öÀüµé, ±×¸®°í Microsoft Exchange¸¦ À§ÇÑ SP7 ÀÌÀüÀÇ 3.6°ú SP3 Hotfix 3 ÀÌÀüÀÇ 5.0 ¹öÀüµé, ±×¸®°í Novell GroupWise¸¦ À§ÇÑ SP3 Hotfix 1 ÀÌÀüÀÇ 4.0 ¹öÀüµéÀº BlackBerry Attachment Service¿¡ ÀÖ´Â ´ÙÁßÀÇ ¹öÆÛ ¿À¹öÇ÷οì Ãë¾àÁ¡µé¿¡ Ãë¾àÇÏ´Ù. email ÷ºÎ·Î¼­ Àß Á¶ÀÛµÈ TIFF À̹ÌÁö³ª Word ¹®¼­¸¦ º¸³»°í ¾î¶² »ç¿ëÀÚ°¡ BlackBerry ¼ÒÇü±â±â(Handheld) »ó¿¡¼­ ±× À̹ÌÁö³ª ¹®¼­¸¦ º¸µµ·Ï ÇÔÀ¸·Î½á, ¿ø°ÝÁöÀÇ ºñÀΰ¡µÈ °ø°ÝÀÚ´Â ½Ã½ºÅÛ »ó¿¡ ÀÓÀÇÀÇ Äڵ带 ½ÇÇà½ÃÅ°°Å³ª BlackBerry Attachment Service°¡ Å©·¡½¬¸¦ ÀÏÀ¸Å°°Ô ÇÒ ¼ö ÀÖ´Ù.

* ¾Ë¸²: ÀÌ Á¡°ËÇ׸ñÀº Á¡°ËÇϱâ À§ÇÑ ¿ø°ÝÁö È£½ºÆ®ÀÇ ·¹Áö½ºÆ®¸®¸¦ ¾×¼¼½ºÇÒ ¼ö ÀÖ´Â Guest ȤÀº ±× ÀÌ»óÀÇ ±ÇÇÑÀ» °¡Áø °èÁ¤À» ÇÊ¿ä·Î ÇÑ´Ù. ÀÌ·¯ÇÑ Á¶°ÇÀÌ ¾ÈµÇ¸é Á¡°ËÀ» ¼öÇàÇÒ ¼ö ¾øÀ¸¸ç ¸ðµç Ãë¾àÇÑ È£½ºÆ®µé¿¡ ´ëÇؼ­ °ÅÁþ À½¼º¹ÝÀÀ(False Negative)À» º¸ÀÏ ¼ö ÀÖ´Ù.

* Âü°í »çÀÌÆ®:
http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=D17796FAD975EB3DEED547969267EE10?externalId=KB04791&sliceId=1&cmd=displayKC&docType=kc&noCount=true&ViewedDocsListHelper=com.kanisa.apps.common.BaseViewedDocsListHelperImpl
http://archives.neohapsis.com/archives/bugtraq/2006-02/0160.html
http://www.kb.cert.org/vuls/id/570768
http://www.securitytracker.com/alerts/2005/Dec/1015426.html

* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
BlackBerry Enterprise Server (IBM Lotus Domino) SP3 Hotfix 4 ÀÌÀüÀÇ 2.2°ú 4.0
BlackBerry Enterprise Server (Microsoft Exchange) SP7 ÀÌÀüÀÇ 3.6°ú SP3 Hotfix 3 ÀÌÀüÀÇ 5.0
BlackBerry Enterprise Server (Novell GroupWise) SP3 Hotfix 1 ÀÌÀüÀÇ 4.0
Microsoft Windows Any version
ÇØ°áÃ¥ ´ÙÀ½ BlackBerry Support Knowledge Base Article KB-04791¸¦ ÂüÁ¶ÇÏ¿©, ÀûÀýÇÑ ¼­ºñ½º ÆÑ / Hotfix¸¦ ¼³Ä¡Çϰųª Àӽà Á¶Ä¡¹æ¹ýµéÀ» µû¶ó¾ß ÇÑ´Ù:
http://btsc.webapps.blackberry.com/btsc/viewdocument.do;jsessionid=D17796FAD975EB3DEED547969267EE10?externalId=KB04791&sliceId=1&cmd=displayKC&docType=kc&noCount=true&ViewedDocsListHelper=com.kanisa.apps.common.BaseViewedDocsListHelperImpl
°ü·Ã URL CVE-2005-2341,CVE-2006-0761 (CVE)
°ü·Ã URL 16098,16590 (SecurityFocus)
°ü·Ã URL 23940,24629 (ISS)