Ãë¾àÁ¡ID |
29126 |
À§Çèµµ |
40 |
Æ÷Æ® |
161 |
ÇÁ·ÎÅäÄÝ |
UDP |
ºÐ·ù |
CISCO |
»ó¼¼¼³¸í |
CISCO IOSÀÇ ¹öÀü Á¤º¸¿¡ µû¸£¸é ÇØ´ç ¼ÒÇÁÆ®¿þ¾î¿¡´Â Á¶ÀÛµÈ IPv6 ÆÐŶµé¿¡ ÀÇÇÑ ÀÓÀÇÀÇ ÄÚµå ½ÇÇà Ãë¾àÁ¡(CISCO ¹ö±× ID CSCef68324)ÀÌ Á¸ÀçÇÑ´Ù. IPv6´Â ÇöÀçÀÇ Internet ProtocolÀÇ ¹öÀüÀÎ IP ¹öÀü 4 (IPv4)¸¦ ´ëüÇϱâ À§ÇÑ IETF(Internet Engineering Task Force)¿¡ ÀÇÇØ °í¾ÈµÈ "Internet Protocol Version 6"ÀÌ´Ù. Cisco IOS 12.0¿¡¼ 12.4±îÁöÀÇ ¹öÀüµé, ±×¸®°í XR 3.2ÀÌÀüÀÇ ¹öÀüµéÀº IPv6 ÆÐŶ 󸮰úÁ¤¿¡¼ÀÇ ¿¹¿Üó¸® ¿À·ù·Î ÀÎÇÏ¿© ¿ø°ÝÁöÀÇ °ø°ÝÀÚ°¡ ÀÓÀÇÀÇ Äڵ带 ½ÇÇà½ÃÅ°°Å³ª ¼ºñ½º °ÅºÎ¸¦ ÀÏÀ¸Å°°Ô ÇØ ÁÙ ¼ö ÀÖ´Ù. Àåºñ¿¡¼ IPv6°¡ »ç¿ë ÁßÀ̶ó¸é ¿ø°ÝÁöÀÇ °ø°ÝÀÚ´Â Àß Á¶ÀÛµÈ IPv6 ÆÐŶÀ» º¸³» ¿µÇâÀ» ¹Þ´Â ÀåºñÀÇ ¿ÏÀüÇÑ Á¦¾î±ÇÀ» ¾ò¾î³¾ ¼ö ÀÖÀ¸¸ç Àåºñ¸¦ Àç½ÃÀÛ ½Ãų ¼öµµ ÀÖ´Ù. ½ÉÁö¾î ipv6ÀÇ Unicast ¶ó¿ìÆÃÀÌ Àü¿ªÀûÀ¸·Î »ç¿ë ÁßÀÌÁö ¾Ê´õ¶óµµ °¡´ÉÇÏ´Ù.
* ¾Ë¸²: ÀÌ Á¡°ËÇ׸ñÀº ÀÌ Ãë¾àÁ¡À» Á¡°ËÇϱâ À§ÇØ ÇØ´ç ½Ã½ºÅÛÀÇ ¹öÀüÁ¤º¸¸¸À» È®ÀÎÇÑ´Ù. µû¶ó¼ °ÅÁþ ¾ç¼º¹ÝÀÀ(False Positive)À» º¸ÀÏ ¼ö ÀÖ´Ù. ÀÌ Á¡°ËÇ׸ñÀº ¶ÇÇÑ ¹öÀüÁ¤º¸¸¦ ¼öÁýÇϱâ À§ÇÏ¿© Àб⠱ÇÇÑÀÇ SNMP Community ¹®ÀÚ¿À» ÇÊ¿ä·Î ÇÑ´Ù. À̸¦ À§Çؼ´Â Á¤Ã¥ ÆíÁý±â¿¡¼ Á¡°ËÇ׸ñ "snmp/guessable/r"¿¡ Ÿ´çÇÑ Community ¹®ÀÚ¿À» Ãß°¡ÇÏ¿©¾ß ÇÑ´Ù. IPv6¸¦ ±¸¼ºÇÑ ÀÎÅÍÆäÀ̽ºµéÀ» °¡Áö°í ÀÖÁö ¾ÊÀº Cisco IOSÀÇ ¾î¶² ¹öÀüÀ» ¿î¿µ ÁßÀÎ Á¦Ç°µéÀº Ãë¾àÇÏÁö ¾Ê´Ù. ÀÌ °æ¿ì ÀÌ Ãë¾àÁ¡Àº ¹«½ÃÇÑ´Ù.
* Âü°í »çÀÌÆ®: http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml http://www.kb.cert.org/vuls/id/930892 http://www.us-cert.gov/cas/techalerts/TA05-210A.html http://www.osvdb.org/18332 http://securitytracker.com/alerts/2005/Jul/1014598.html
* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû: Cisco IOS 12.0¿¡¼ 12.4±îÁöÀÇ ¹öÀüµé, ±×¸®°í XR 3.2ÀÌÀüÀÇ ¹öÀüµé |
ÇØ°áÃ¥ |
´ÙÀ½ Cisco º¸¾È ±Ç°í¾È(IPv6 Crafted Packet Vulnerability)ÀÇ "Software Versions and Fixes" ¸¦ ÂüÁ¶ÇÏ¿© ¹®Á¦°¡ ÇØ°áµÈ ¹öÀüÀ¸·Î ¾÷±×·¹À̵å ÇÏ¿©¾ß ÇÑ´Ù: http://www.cisco.com/warp/public/707/cisco-sa-20050729-ipv6.shtml
¾÷±×·¹À̵åµéÀº Cisco À¥ »çÀÌÆ®ÀÎ http://www.cisco.com ¿¡ ÀÖ´Â Software Center¸¦ ÅëÇØ ±¸ÇÒ ¼ö ÀÖ´Ù. |
°ü·Ã URL |
CVE-2005-2451 (CVE) |
°ü·Ã URL |
14414 (SecurityFocus) |
°ü·Ã URL |
21591 (ISS) |
|