À§Çèµµ: »ó
°ø°ÝÀ¯Çü: ¿ø°Ý¿¡¼ MDAC¼ºñ½º¸¦ ¿î¿µÁßÀÎ ½Ã½ºÅÛ¿¡ °ü¸®ÀÚ ±ÇÇÑ È¹µæ ¹× ¸í·É ½ÇÇà
°ø°Ý¼³¸í:
MDAC(Microsoft Data Access Components)´Â ¿ø°Ý µ¥ÀÌÅͺ£À̽º¿¡ ¿¬°áÇϰí Ŭ¶óÀÌ¾ðÆ®¿¡ µ¥ÀÌÅ͸¦ ¹ÝȯÇÏ´Â °Í°ú °°Àº ´Ù¾çÇÑ µ¥ÀÌÅͺ£À̽º ÀÛ¾÷¿¡ ´ëÇÑ ±âº» ±â´ÉÀ» Á¦°øÇÏ´Â ÄÄÆ÷³ÍÆ®ÀÌ´Ù. ³×Æ®¿öÅ©¿¡ Á¸ÀçÇϴ Ŭ¶óÀÌ¾ðÆ® ½Ã½ºÅÛÀº SQL Server¸¦ ½ÇÇàÇϰí Àְųª, ³×Æ®¿öÅ©¿¡ ÀÖ´Â ÄÄÇ»ÅÍÀÇ ¸ñ·ÏÀ» º¸·Á°í ÇÒ ¶§, ³×Æ®¿öÅ©¿¡ ÀÖ´Â ¸ðµç ÀåÄ¡¿¡ ºê·Îµåij½ºÆ® ¿äûÀ» º¸³½´Ù. À̶§ ¾ÇÀÇÀûÀÎ °ø°ÝÀڴ ƯÁ¤ MDAC ±¸¼º ¿ä¼ÒÀÇ Ãë¾àÁ¡À» ÀÌ¿ëÇÏ¿© ¹öÆÛ ¿À¹ö·±À» ÀÏÀ¸Å°´Â Ư¼ö ÆÐŶÀ» º¸³» ¿äû¿¡ ÀÀ´äÇÑ´Ù. °á°úÀûÀ¸·Î °ø°ÝÀÚ´Â ÀÌ Ãë¾àÁ¡À» ¾Ç¿ëÇÏ¿© ÇØ´ç½Ã½ºÅÛ¿¡¼ ºê·Îµåij½ºÆ®ÇÑ ÇÁ·Î±×·¥ÀÌ ½ÇÇàµÈ ±ÇÇѰú µ¿ÀÏÇÑ ±ÇÇÑÀ» ȹµæÇÏ¿© ÀÓÀÇ ¸í·ÉÀ» ¼öÇàÇÒ ¼ö ÀÖ´Ù.
Ãë¾à½Ã½ºÅÛ:
Microsoft Data Access Components 2.5 (Microsoft Windows 2000¿¡ Æ÷ÇÔ)
Microsoft Data Access Components 2.6 (Microsoft SQL Server 2000¿¡ Æ÷ÇÔ)
Microsoft Data Access Components 2.7 (Microsoft Windows XP¿¡ Æ÷ÇÔ)
Microsoft Data Access Components 2.8 (Microsoft Windows Server 2003¿¡ Æ÷ÇÔ)
Ãë¾à ¿î¿µÃ¼Á¦:
Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Ãë¾à MDAC ¹öÀü:
Ãë¾àÁ¡Àº MDAC 2.5¿Í 2.6¿Í 2.7¿Í 2.8¿¡ ¿µÇâÀ» ¹ÌÄ£´Ù. ¾Æ·¡ ·¹Áö½ºÆ®¸® Ű °ª¿¡¼ È®ÀÎ °¡´ÉÇÏ´Ù
HKEY_LOCAL_MACHINESOFTWAREMicrosoftDataAccessFullInstallVer
°ø°Ý´ë»ó ¼¹öÆ÷Æ®: 1434/UDP
°ø°Ý¿µÇâ: Á¢±Ù±ÇÇÑÀ» ȹµæÇÏ¿© ÀÓÀÇ ¸í·ÉÀ» ¼öÇà ÇÒ ¼ö ÀÖ´Ù.
ÇØ°á¹æ¾È:
1. inbound Æ®·¡ÇÈÀ» Çã¿ëÇÏÁö ¸øÇϵµ·Ï 1434/UDP¸¦ Â÷´ÜÇÑ´Ù.
ÀÌ¿Í °°ÀÌ ¼³Á¤ÇÑ °æ¿ì SQL Ŭ¶óÀÌ¾ðÆ® ½Ã½ºÅÛÀÌ SQL ºê·Îµåij½ºÆ® ÇÏÁö ¾Ê´Â´Ù.
¿¹) Windows 2000 ±â¹Ý ÄÄÇ»ÅÍ¿¡¼ ¹ß»ýÇÑ ³×Æ®¿öÅ© Æ®·¡ÇÈÀÌ UDP 1434¿¡¼ ÇØ´ç È£½ºÆ®·Î ÀιٿîµåµÇ´Â °ÍÀ» Â÷´ÜÇÒ °æ¿ì ipsecpol -w REG -p "Block UDP 1434 Filter" -r "Block Inbound UDP 1434 Rule" -f *=0:1434:UDP -n BLOCK -x
2. ´ÙÀ½ »çÀÌÆ®¸¦ ÀÌ¿ëÇÏ¿© º¸¾È¾÷µ¥ÀÌÆ® ÇÑ´Ù.
http://www.microsoft.com/korea/technet/security/bulletin/ms04-003.asp
Âü°íÀÚ·á:
http://www.microsoft.com/korea/technet/security/bulletin/ms04-003.asp
http://www.ciac.org/ciac/bulletins/o-053.shtml
Ãë¾àÁ¡ ¹ßÇ¥ÀÏ: 2004-01-14
|