English
¢¸¢· µÚ·Î
Ãë¾àÁ¡ID 50008
À§Çèµµ 30
Æ÷Æ® 139,445
ÇÁ·ÎÅäÄÝ TCP
ºÐ·ù SMB
»ó¼¼¼³¸í ¿ø°ÝÀÇ À©µµ¿ì È£½ºÆ®¿¡´Â ´ÙÁßÀÇ Ãë¾àÁ¡¿¡ ¿µÇâÀ» ¹Þ´Â ¾îÇø®ÄÉÀ̼ÇÀÌ ¼³Ä¡µÇ¾î ÀÖ´Ù. 1.6.2 ÀÌÀüÀÇ Wireshark 1.6.x ¼³Ä¡µÇ¾î ÀÖ´Ù. ÇØ´ç ¹öÀüÀº ´ÙÀ½ÀÇ Ãë¾àÁ¡¿¡ ¿µÇâÀ» ¹Þ´Â´Ù.

- IKE dissector¿¡¼­ À߸øµÈ ƯÁ¤ ÆÐŶÀ» ó¸®ÇÒ ¶§ ¼­ºñ½º °ÅºÎ °ø°ÝÀ» Çã¿ëÇÏ´Â ¿À·ù°¡ Á¸ÀçÇÑ´Ù. (CVE-2011-3266)
- ¹öÆÛ ¿¹¿Ü 󸮿¡¼­ À߸øµÈ ƯÁ¤ ÆÐŶÀ» ó¸®ÇÒ ¶§ ¼­ºñ½º °ÅºÎ °ø°ÝÀ» Çã¿ëÇÏ´Â Ãë¾àÁ¡ÀÌ Á¸ÀçÇÑ´Ù. (Issue #6135)
- Wireshark°¡ DLL hijacking°ú À¯»çÇÑ ¸Þ¼Òµå¸¦ »ç¿ëÇÏ´Â Lua ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇϵµ·Ï ÇÒ ¼ö ÀÖ´Ù. (Issue #6136)
- OpenSafety dissector¿¡¼­ À߸øµÈ ƯÁ¤ ÆÐŶÀ» ó¸®ÇÒ ¶§ ¼­ºñ½º °ÅºÎ °ø°ÝÀ» Çã¿ëÇÏ´Â ¿À·ù°¡ Á¸ÀçÇÑ´Ù. (Issue #6138)
- CSN.1 dissector¿¡´Â À߸øµÈ ƯÁ¤ ÆÐŶÀ» ó¸®ÇÒ ¶§ ¼­ºñ½º °ÅºÎ °ø°ÝÀ» Çã¿ëÇÏ´Â ¿À·ù°¡ Á¸ÀçÇÑ´Ù. (Issue #6139)

* ¾Ë¸²: ÀÌ Á¡°ËÇ׸ñÀº Á¡°ËÇϱâ À§ÇÑ È£½ºÆ®·Î ·Î±×ÀÎ ÇÒ ¼ö ÀÖ´Â °ü¸®ÀÚ ±ÇÇÑÀ» °¡Áø °èÁ¤À» ÇÊ¿ä·Î ÇÑ´Ù. ÀÌ·¯ÇÑ Á¶°ÇÀÌ ¾ÈµÇ¸é Á¡°ËÀ» ¼öÇàÇÒ ¼ö ¾øÀ¸¸ç ¸ðµç Ãë¾àÇÑ È£½ºÆ®µé¿¡ ´ëÇؼ­ °ÅÁþ À½¼º¹ÝÀÀ(False Negative)À» º¸ÀÏ ¼ö ÀÖ´Ù.

* Âü°í »çÀÌÆ®:
http://www.wireshark.org/security/wnpa-sec-2011-12.html
http://www.wireshark.org/security/wnpa-sec-2011-13.html
http://www.wireshark.org/security/wnpa-sec-2011-14.html
http://www.wireshark.org/security/wnpa-sec-2011-15.html
http://www.wireshark.org/security/wnpa-sec-2011-16.html
http://www.wireshark.org/docs/relnotes/wireshark-1.6.2.html

* ¿µÇâÀ» ¹Þ´Â Ç÷§Æû:
Wireshark 1.6.2 ÀÌÀü ¹öÀü
Microsoft Windows ¸ðµç ¹öÀü
ÇØ°áÃ¥ Wireshark À¥ »çÀÌÆ®ÀÎ http://www.wireshark.org/download.html ¿¡¼­ ±¸ÇÒ ¼ö ÀÖ´Â WiresharkÀÇ °¡Àå ÃֽŠ¹öÀü(1.6.2 ȤÀº ÀÌÈÄ)À¸·Î ¾÷±×·¹À̵å ÇÏ¿©¾ß ÇÑ´Ù.
Http://www.wireshark.org/download.html
°ü·Ã URL CVE-2011-3266 (CVE)
°ü·Ã URL 49377,49521,49522,49524,49528 (SecurityFocus)
°ü·Ã URL (ISS)