°øÁö»çÇ×
º¸¾ÈÆÐÄ¡
°áÁ¦¹æ¹ý¾È³»
¼­ºñ½º ÀÌ¿ë¾à°ü
°³ÀÎÁ¤º¸Ãë±Þ¹æÄ§
ÀÚÁÖ¹¯´ÂÁú¹®
±â¼ú°¡À̵å
¹®ÀÇÇϱâ
Á¦ ¸ñ MDAC ÇÔ¼öÀÇ ¹öÆÛ ¿À¹ö·±À¸·Î ÀÎÇÑ ÄÚµå ½ÇÇà ¹®Á¦(MS04-003)
ÀÛ¼ºÀÚ Çϳª·ÎÈ£½ºÆÃ ( hosting@hhosting.co.kr ) µî·ÏÁ¤º¸ 2004-01-26 00:00:00 Á¶È¸¼ö 30645
À§Çèµµ: »ó

°ø°ÝÀ¯Çü: ¿ø°Ý¿¡¼­ MDAC¼­ºñ½º¸¦ ¿î¿µÁßÀÎ ½Ã½ºÅÛ¿¡ °ü¸®ÀÚ ±ÇÇÑ È¹µæ ¹× ¸í·É ½ÇÇà


°ø°Ý¼³¸í:



MDAC(Microsoft Data Access Components)´Â ¿ø°Ý µ¥ÀÌÅͺ£À̽º¿¡ ¿¬°áÇϰí Ŭ¶óÀÌ¾ðÆ®¿¡ µ¥ÀÌÅ͸¦ ¹ÝȯÇÏ´Â °Í°ú °°Àº ´Ù¾çÇÑ µ¥ÀÌÅͺ£À̽º ÀÛ¾÷¿¡ ´ëÇÑ ±âº» ±â´ÉÀ» Á¦°øÇÏ´Â ÄÄÆ÷³ÍÆ®ÀÌ´Ù. ³×Æ®¿öÅ©¿¡ Á¸ÀçÇϴ Ŭ¶óÀÌ¾ðÆ® ½Ã½ºÅÛÀº SQL Server¸¦ ½ÇÇàÇϰí Àְųª, ³×Æ®¿öÅ©¿¡ ÀÖ´Â ÄÄÇ»ÅÍÀÇ ¸ñ·ÏÀ» º¸·Á°í ÇÒ ¶§, ³×Æ®¿öÅ©¿¡ ÀÖ´Â ¸ðµç ÀåÄ¡¿¡ ºê·Îµåij½ºÆ® ¿äûÀ» º¸³½´Ù. À̶§ ¾ÇÀÇÀûÀÎ °ø°ÝÀڴ ƯÁ¤ MDAC ±¸¼º ¿ä¼ÒÀÇ Ãë¾àÁ¡À» ÀÌ¿ëÇÏ¿© ¹öÆÛ ¿À¹ö·±À» ÀÏÀ¸Å°´Â Ư¼ö ÆÐŶÀ» º¸³» ¿äû¿¡ ÀÀ´äÇÑ´Ù. °á°úÀûÀ¸·Î °ø°ÝÀÚ´Â ÀÌ Ãë¾àÁ¡À» ¾Ç¿ëÇÏ¿© ÇØ´ç½Ã½ºÅÛ¿¡¼­ ºê·Îµåij½ºÆ®ÇÑ ÇÁ·Î±×·¥ÀÌ ½ÇÇàµÈ ±ÇÇѰú µ¿ÀÏÇÑ ±ÇÇÑÀ» ȹµæÇÏ¿© ÀÓÀÇ ¸í·ÉÀ» ¼öÇàÇÒ ¼ö ÀÖ´Ù.





Ãë¾à½Ã½ºÅÛ:



Microsoft Data Access Components 2.5 (Microsoft Windows 2000¿¡ Æ÷ÇÔ)

Microsoft Data Access Components 2.6 (Microsoft SQL Server 2000¿¡ Æ÷ÇÔ)

Microsoft Data Access Components 2.7 (Microsoft Windows XP¿¡ Æ÷ÇÔ)

Microsoft Data Access Components 2.8 (Microsoft Windows Server 2003¿¡ Æ÷ÇÔ)





Ãë¾à ¿î¿µÃ¼Á¦:



Microsoft Windows 2000 Advanced Server

Microsoft Windows 2000 Datacenter Server

Microsoft Windows 2000 Professional

Microsoft Windows 2000 Server

Microsoft Windows Server 2003 Datacenter Edition

Microsoft Windows Server 2003 Enterprise Edition

Microsoft Windows Server 2003 Standard Edition

Microsoft Windows Server 2003 Web Edition

Microsoft Windows XP Home Edition

Microsoft Windows XP Professional





Ãë¾à MDAC ¹öÀü:



Ãë¾àÁ¡Àº MDAC 2.5¿Í 2.6¿Í 2.7¿Í 2.8¿¡ ¿µÇâÀ» ¹ÌÄ£´Ù. ¾Æ·¡ ·¹Áö½ºÆ®¸® Ű °ª¿¡¼­ È®ÀÎ °¡´ÉÇÏ´Ù

HKEY_LOCAL_MACHINESOFTWAREMicrosoftDataAccessFullInstallVer





°ø°Ý´ë»ó ¼­¹öÆ÷Æ®: 1434/UDP





°ø°Ý¿µÇâ: Á¢±Ù±ÇÇÑÀ» ȹµæÇÏ¿© ÀÓÀÇ ¸í·ÉÀ» ¼öÇà ÇÒ ¼ö ÀÖ´Ù.





ÇØ°á¹æ¾È:



1. inbound Æ®·¡ÇÈÀ» Çã¿ëÇÏÁö ¸øÇϵµ·Ï 1434/UDP¸¦ Â÷´ÜÇÑ´Ù.



ÀÌ¿Í °°ÀÌ ¼³Á¤ÇÑ °æ¿ì SQL Ŭ¶óÀÌ¾ðÆ® ½Ã½ºÅÛÀÌ SQL ºê·Îµåij½ºÆ® ÇÏÁö ¾Ê´Â´Ù.



¿¹) Windows 2000 ±â¹Ý ÄÄÇ»ÅÍ¿¡¼­ ¹ß»ýÇÑ ³×Æ®¿öÅ© Æ®·¡ÇÈÀÌ UDP 1434¿¡¼­ ÇØ´ç È£½ºÆ®·Î ÀιٿîµåµÇ´Â °ÍÀ» Â÷´ÜÇÒ °æ¿ì ipsecpol -w REG -p "Block UDP 1434 Filter" -r "Block Inbound UDP 1434 Rule" -f *=0:1434:UDP -n BLOCK -x



2. ´ÙÀ½ »çÀÌÆ®¸¦ ÀÌ¿ëÇÏ¿© º¸¾È¾÷µ¥ÀÌÆ® ÇÑ´Ù.



http://www.microsoft.com/korea/technet/security/bulletin/ms04-003.asp





Âü°íÀÚ·á:



http://www.microsoft.com/korea/technet/security/bulletin/ms04-003.asp

http://www.ciac.org/ciac/bulletins/o-053.shtml



Ãë¾àÁ¡ ¹ßÇ¥ÀÏ: 2004-01-14

ÃÑ 174 °Ç
¹øÈ£ Á¦¸ñ µî·ÏÀÏ Á¶È¸¼ö
12 AhnLab V3 ¹é½Å ÇÁ·Î±×·¥ Ãë¾àÁ¡ ÆÐÄ¡ ±Ç°í 2005-09-21 31564
11 [Çϳª·ÎÈ£½ºÆÃ-º¸¾È°øÁö] Win32.zotob Ãë¾àÁ¡ ´ëÀÀ ¸Å´º¾ó ¾È³» 2005-08-18 30719
10 [º¸¾È±ä±Þ»óȲ] Zotob ¿ú ¹× º¯Á¾ È®»ê 2005-08-16 31083
9 [°üÁ¦¼¾ÅÍ]º¸¾È±Ç°í¹®<Áß,ÀÏ »çÀ̹öÀü¿¡ µû¸¥ Ä§ÇØ»ç°í ¿¹¹æ> 2005-08-11 30030
8 JAVA±â¹Ý À¥¼­¹ö ¾÷±×·¹ÀÌµå ½Ç½Ã 2005-07-26 30356
7 MSÀ©µµ¿ì º¸¾ÈÆÐÄ¡ ±Ç°í»çÇ×(2005.6.15) 2005-06-16 31198
6 ȨÆäÀÌÁö °³¹ß º¸¾È °¡ÀÌµå ¹èÆ÷ 2005-05-19 30439
5 [ : º¸¾È±Ç°í¹® ] ȨÆäÀÌÁö ´ë·® º¯Á¶ ¹ß»ý¿¡ µû¸¥ ¡®ÁÖÀÇ¡¯ °æº¸¹ß·É 2005-01-07 31691
4 [±ä±Þ]Á¦·Îº¸µå³ª KorWeblog »ç¿ë ¾÷ü´Â ½Å¼ÓÆÐÄ¡ ¿ä¸Á 2005-01-04 30623
3 [C±Þ] SPYBOT.S ¿ú ¿¹º¸ 2004-01-26 34541
=> MDAC ÇÔ¼öÀÇ ¹öÆÛ ¿À¹ö·±À¸·Î ÀÎÇÑ ÄÚµå ½ÇÇà ¹®Á¦(MS04-003) 2004-01-26 30645
1 [±ä±Þ]Linux Kernel privilege escalation security Ãë¾àÁ¡ °øÁö 2003-12-12 31172
  [1] [2] [3] [4] [5] [6] [7] [8] [9] [10]  
1