|
Ä¿ÇÇÇâÀÌ ³ª´Â *NIX
Ä¿ÇǴнº
½Ã½ºÅÛ/³×Æ®¿÷/º¸¾ÈÀ» ´Ù·ç´Â °÷
|
|
|
|
ÀÌÀü ÁÖÁ¦ º¸±â :: ´ÙÀ½ ÁÖÁ¦ º¸±â |
±Û¾´ÀÌ |
¸Þ½ÃÁö |
truefeel Ä«Æä °ü¸®ÀÚ
°¡ÀÔ: 2003³â 7¿ù 24ÀÏ ¿Ã¸° ±Û: 1277 À§Ä¡: ´ëÇѹα¹
|
¿Ã·ÁÁü: 2009.12.11 ±Ý, 1:20 pm ÁÖÁ¦: ´ë·® SQL Injection °ø°Ý ÁÖÀÇ |
|
|
ÃÖ±Ù ¶Ç ´Ù½Ã ´ë·® SQL Injection °ø°Ý(Mass SQL Injection)ÀÌ ¹ß»ýÇÏ°í ÀÖ´Ù. ÀÌ °ø°ÝÀº 11¿ùºÎÅÍ ½ÃÀÛÇß°í, ¸¹Àº »çÀÌÆ®°¡ °ø°ÝÀ» ¹ÞÀº °ÍÀ¸·Î ÀǽÉÀÌ µÈ´Ù. ÇöÀç ±¸±Û¿¡¼ °Ë»öÇßÀ» ¶§ ¾à 13¸¸ »çÀÌÆ®°¡ °Ë»öµÇ¾î ³ª¿Â´Ù. °Ë»öµÈ ÆäÀÌÁö°¡ .aspÀΰɷΠºÁ¼´Â MS-SQLÀ» ´ë»óÀ¸·Î ÇÑ °ø°ÝÀ¸·Î º¸ÀδÙ.
°ø°ÝÀ» ´çÇÑ ÆäÀÌÁö´Â iframe¿¡ javascript·Î 318x.com/ ¸¦ ºÒ·¯µéÀ̸ç, ÀÌ ÆäÀÌÁö´Â ¶Ç´Ù¸¥ html µîÀ» ºÒ·¯µéÀÌ´Â °úÁ¤À» ¹Ýº¹ÇÑ´Ù. ±×¸®°í, ÆäÀÌÁöµéÀº ³µ¶È(Obfuscation)µÇ¾î ÀÖ¾î ½±°Ô ÆľÇÇϱ⠾î·ÆµÇ¾î ÀÖ´Ù.
ÆäÀÌÁöµé Áß¿¡ »çÀÌÆ®¿¡ ¹æ¹®ÇÑ À¯ÀúÀÇ MDAC, OWC10, Adobe Flash ¹öÀü µîÀ» üũÇÏ°í, ÀÌ °á°ú¿¡ µû¶ó¼ ´Ù¾çÇÑ Ãë¾àÁ¡À» »ç¿ëÇÑ´Ù. Ãë¾àÁ¡ÀÌ ¹ß°ßµÇ¸é, ¾Ç¼ºÄÚµå(Trojan.Generic.2823971(¶Ç ´Ù¸¥ À̸§ Trojan.Win32.Buzus.croo))¸¦ ½É´Â ÇüÅ·ΠµÇ¾î ÀÖ´Ù.
ÀÌ ¶§ ´ÙÀ½°ú °°Àº Ãë¾àÁ¡À» ÀÌ¿ëÇÑ´Ù.
Àοë: |
* Integer overflow vulnerability in Adobe Flash Player, described in CVE-2007-0071
* MDAC ADODB.Connection ActiveX vulnerability described in MS07-009
* Microsoft Office Web Components vulnerabilities described in MS09-043
* Microsoft video ActiveX vulnerability described in MS09-032
* Internet Explorer Uninitialized Memory Corruption Vulnerability -- MS09-002.
|
¾Ç¼º ½ºÅ©¸³Æ®°¡ µé¾îÀÖ´Â 318x.com µµ¸ÞÀÎÀ» whoisÇغôÙ.
Àοë: |
Domain Name: 318X.COM
Name Server: No nameserver
Status: clientHold
Updated Date: 10-dec-2009
Creation Date: 02-nov-2009
Expiration Date: 02-nov-2010
|
µµ¸ÞÀÎÀº 11¿ù 2ÀÏ ÃÖ±Ù¿¡ ¸¸µé¾îÁø °ÍÀÌ´Ù. À̹ø ÀÏÀ» À§ÇØ µµ¸ÞÀÎÀ» ¸¸µç °ÍÀ¸·Î ÃßÃøÇÒ ¼ö ÀÖ´Ù.
±×¸®°í, 1) ³×ÀÓ¼¹ö´Â ¾ø´Â °ÍÀ¸·Î Ç¥½Ã(Name Server: No nameserver)µÈ´Ù. 2) ¶ÇÇÑ Status: clientHold ¶ó°í ³ª¿À´Âµ¥, ÀÌ´Â µµ¸ÞÀÎ ¾÷ü¿¡¼ ÀÌ µµ¸ÞÀÎÀ» »ç¿ëÇÒ ¼ö ¾øµµ·Ï Á¶Ä¡¸¦ ÃëÇÑ °ÍÀ¸·Î º¸ÀδÙ. Status: clientHold ¿¡ ´ëÇؼ´Â 'µµ¸ÞÀÎ Á¤º¸ÀÇ ¼û°ÜÁø ºñ¹Ð, »óÅ ÄÚµå(±Û ÁÁÀºÁøÈ£, 2009.6)'ÀÇ '7) clientHold'ºÎºÐÀ» º¸¸é Àß ³ª¿Í ÀÖ´Ù.
Àοë: |
7) clientHold
µî·Ï¾÷ü°¡ »ç¿ë À¯¿¹¸¦ ¼³Á¤ÇÑ »óÅ´Ù. ... »ý·« ... ÀÌ »óÅ¿¡¼´Â µµ¸ÞÀÎÀ» »ç¿ëÇÒ ¼ö ¾ø´Ù. Áï, ȨÆäÀÌÁö¸¦ ¿î¿µÇÒ ¼ö ¾ø´Ù. |
ÇöÀç´Â µµ¸ÞÀÎÀ» »ç¿ëÇÒ ¼ö ¾øµµ·Ï µÇ¾î ÀÖÁö¸¸, ³×ÀÓ¼¹ö´Â ¸î½Ã°£(ÇϷ纸´Ù ªÀº ½Ã°£) Àü±îÁö¸¸ Çصµ ¼³Á¤µÇ¾î ÀÖ¾ú°í, ÇØ´ç µµ¸ÞÀεµ »ç¿ëÇÒ ¼ö ÀÖ¾ú´Ù. 'Updated Date: 10-dec-2009'¿¡ Ç¥½ÃµÈ´ë·Î, ÀÌ ¶§ »ç¿ë ºÒ°¡ ¼³Á¤ÀÌ µÇ¾úÀ» °ÍÀÌ´Ù.
malwareurl.comÀÇ °Ë»ö °á°úÀÌ´Ù.
318x.com µµ¸ÞÀÎÀÌ ¾Æ´Ï´õ¶óµµ, ´Ù¸¥ µµ¸ÞÀÎÀ¸·Î ¾Ç¼ºÄڵ带 ½É¾î ³õÀ» ¼öµµ ÀÖ´Â °ÍÀÌ´Ù. µû¶ó¼ ÀÌ¿ëÀÚµéÀº º¸¾È ÆÐÄ¡¸¦ öÀúÈ÷ ÇØ¾ß ÇÑ´Ù.
* °ü·Ã Á¤º¸
- SQL injection attack claims 132,000+
- New wave of SQL Injection Attacks
* SQL Injection °ü·Ã ±Û
- Flash 0-day Ãë¾àÁ¡°ú ´ë·® SQL Injection ÁÖÀÇ ( 2010.6.16 )
- MySQL¿¡¼ º¸¾ÈÀ§ÇØ load_file() °æ·Î Á¦ÇÑÇϱâ ( 2010.5 )
- 12.22~23 Ä¿ÇǴнº À̾߱â (Intel»çÀÌÆ® SQL Injectionµî) ( 2009.12.24 ) |
|
À§·Î |
|
|
|
|
»õ·Î¿î ÁÖÁ¦¸¦ ¿Ã¸± ¼ö ÀÖ½À´Ï´Ù ´ä±ÛÀ» ¿Ã¸± ¼ö ÀÖ½À´Ï´Ù ÁÖÁ¦¸¦ ¼öÁ¤ÇÒ ¼ö ¾ø½À´Ï´Ù ¿Ã¸° ±ÛÀ» »èÁ¦ÇÒ ¼ö ¾ø½À´Ï´Ù ÅõÇ¥¸¦ ÇÒ ¼ö ¾ø½À´Ï´Ù
|
Powered by phpBB © 2001, 2005 phpBB Group
|