Coffeenix, the system administrators' shelter: a place covering systems, networking, and security

Linux glibc vulnerability, "GHOST"

 
truefeel
Cafe administrator


Joined: July 24, 2003
Posts: 1277
Location: Republic of Korea

Posted: Wed, 2015.1.28, 2:02 pm    Subject: Linux glibc vulnerability, "GHOST"

A serious vulnerability in glibc known as "GHOST" (CVE-2015-0235) has been discovered. In glibc 2.17 and earlier (versions before 2013.5.21), a bug in the gethostbyname() and gethostbyname2() calls allows privileges to be obtained both locally and remotely. The Exim mail server has been confirmed to be remotely vulnerable, and various daemons that use the gethostbyname call may be affected.

* Linux "GHOST" Vulnerability Hits Glibc Systems
http://www.phoronix.com/scan.php?page=news_item&px=Linux-GHOST-Glibc-Security

* GHOST: glibc gethostbyname buffer overflow
http://www.openwall.com/lists/oss-security/2015/01/27/9

Quote:
we discovered that it was fixed on May 21, 2013 (between the releases of glibc-2.17 and glibc-2.18).
Unfortunately, it was not recognized as a security threat; as a result, most stable and long-term-support distributions were left exposed (and still are):
Debian 7 (wheezy), Red Hat Enterprise Linux 6 & 7, CentOS 6 & 7, Ubuntu 12.04, for example.


Fortunately, the major web servers such as apache, nginx and lighttpd, many FTP servers such as proftpd, vsftpd and pure-ftpd, and openssh have been found not to be vulnerable.
According to what the Qualys Security Advisory team sent to the OSS Security mailing list, the following daemons are not affected.
http://www.openwall.com/lists/oss-security/2015/01/27/18

Quote:

apache, cups, dovecot, gnupg, isc-dhcp, lighttpd, mariadb/mysql, nfs-utils, nginx, nodejs, openldap, openssh, postfix, proftpd, pure-ftpd, rsyslog, samba, sendmail, sysklogd, syslog-ng, tcp_wrappers, vsftpd, xinetd.


RHEL (CentOS) is providing patches.

* RHEL5, CentOS 5 (patched package name: glibc-2.5-123.el5_11.1)
https://rhn.redhat.com/errata/RHSA-2015-0090.html
* RHEL6 & 7, CentOS 6 & 7 (RHEL6 patched package name: glibc-2.12-1.149.el6_6.5, RHEL 7: glibc-2.17-55.el7_0.5)
https://rhn.redhat.com/errata/RHSA-2015-0092.html

Code:

# yum -y update    ( -y updates immediately without asking whether to update)
... omitted ...
 glibc            x86_64    2.12-1.149.el6_6.5    updates      3.8 M
 glibc-common     x86_64    2.12-1.149.el6_6.5    updates       14 M
 glibc-devel      x86_64    2.12-1.149.el6_6.5    updates      983 k
 glibc-headers    x86_64    2.12-1.149.el6_6.5    updates      612 k
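A check against the fixed package builds listed in the post above, as an added example that is not part of the original post: it classifies `rpm -q glibc` output as patched or vulnerable for RHEL/CentOS 5, 6 and 7. The `rpmvercmp` helper is a simplified stand-in for RPM's own version comparison, and the sample package names are constructed.

```python
import re
import subprocess

# Fixed glibc builds named in the post above, keyed by dist tag: (version, release).
FIXED = {
    "el5": ("2.5", "123.el5_11.1"),
    "el6": ("2.12", "1.149.el6_6.5"),
    "el7": ("2.17", "55.el7_0.5"),
}

def rpmvercmp(a, b):
    """Simplified RPM version compare (no '~' or '^' handling): returns -1, 0 or 1."""
    sa = re.findall(r"\d+|[A-Za-z]+", a)
    sb = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1   # a numeric segment beats an alphabetic one
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    return (len(sa) > len(sb)) - (len(sa) < len(sb))  # the longer string is newer

def ghost_status(pkg):
    """Classify one line of `rpm -q glibc` output against the fixed builds."""
    m = re.match(r"glibc-(\d[^-]*)-(.+?)(?:\.(?:x86_64|i[3-6]86))?$", pkg.strip())
    if not m:
        return "unknown"
    version, release = m.groups()
    dist = re.search(r"el\d+", release)
    if not dist or dist.group() not in FIXED:
        return "unknown"                      # not a release covered by the post
    fixed_version, fixed_release = FIXED[dist.group()]
    order = rpmvercmp(version, fixed_version) or rpmvercmp(release, fixed_release)
    return "patched" if order >= 0 else "vulnerable"

# Constructed sample package names, used when rpm is not available.
SAMPLES = ["glibc-2.12-1.132.el6.x86_64", "glibc-2.12-1.149.el6_6.5.x86_64",
           "glibc-2.17-55.el7_0.3.x86_64", "glibc-2.5-123.el5_11.1.i686"]

if __name__ == "__main__":
    try:
        out = subprocess.run(["rpm", "-q", "glibc"], capture_output=True, text=True)
        lines = out.stdout.split("\n") if out.returncode == 0 else SAMPLES
    except FileNotFoundError:
        lines = SAMPLES
    for line in filter(None, lines):
        print(f"{line}: {ghost_status(line)}")
```

A patched package on disk does not change processes that were started before the update; they keep the old library mapped until they are restarted.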
truefeel

Posted: Mon, 2015.2.02, 4:49 pm    Subject: Which Linux distributions and versions are vulnerable to "GHOST"?

Vulnerability Overview: Ghost (CVE-2015-0235)
http://chargen.matasano.com/chargen/2015/1/27/vulnerability-overview-ghost-cve-2015-0235.html

This seems to be the best summary of which versions are vulnerable for each Linux OS.
Ubuntu 14.04 and later and Fedora 20 and later are not vulnerable, and neither Gentoo nor Arch is vulnerable.
Check the other OSes yourself.

Time zone: GMT + 9 hours (Korea)