Ŭ¶ó¿ìµå
Çϳª·ÎŬ¶ó¿ìµå
ÇØ¿ÜŬ¶ó¿ìµå
¾Æ¸¶Á¸À¥¼ºñ½º
¼¹öÈ£½ºÆÃ
¼¹öÈ£½ºÆÃ ¾È³»
¼¹öÈ£½ºÆÃ Á¾·ù ¹× ½Åû
¼¹ö Àüü ºñ±³
¼¹ö°ü¸® ¼ºñ½º
È£½ºÆÃ
MSSQL È£½ºÆÃ
À̹ÌÁö È£½ºÆÃ
CDN È£½ºÆÃ
ÄÚ·ÎÄÉÀ̼Ç
À§Å¹¼¹öÈ£½ºÆÃ
»ó¸éÇü ÄÚ·ÎÄÉÀ̼Ç
³×Æ®¿÷ Àåºñ(L2,L4)
º¸¾È¼ºñ½º
°³ÀÎÁ¤º¸º¸È£ ¾È³»
ÅëÇÕº¸¾È ÀåºñÀÓ´ë
IPS º¸¾È °üÁ¦ ¼ºñ½º
DB¾ÏÈ£È / Á¢±ÙÁ¦¾î
º¸¾È ¼¹öÀÎÁõ¼
À¥¹æÈº®
À¥ ½© °ø°ÝŽÁö
À¥ ¾Ç¼ºÄÚµå ŽÁö ¼ºñ½º
Anti-Virus ¼ºñ½º
Anti SPAN ¼ºñ½º
ºÎ°¡¼ºñ½º
MS¶óÀ̼¾½º
¹é¾÷ ¼ºñ½º
ºÎÇÏºÐ»ê ¼ºñ½º
HA(°í°¡¿ë¼º)¼ºñ½º
½ºÆ®¸®¹Ö ¼Ö·ç¼Ç
CDP BackUp
·Î±×ºÐ¼®
ºñÁî¸ÞÀÏ·¯
SMS/LMS/MMS
ȨÆäÀÌÁö/¼îÇθô
¼îÇθôâ¾÷
ȨÆäÀÌÁöÁ¦ÀÛ ¹× À¯Áöº¸¼ö
¸ð¹ÙÀÏ À¥&¾Û
¼Ò»ó°øÀÎ Çùµ¿Á¶ÇÕ
°øÁö»çÇ×
º¸¾ÈÆÐÄ¡
°áÁ¦¹æ¹ý¾È³»
¼ºñ½º ÀÌ¿ë¾à°ü
°³ÀÎÁ¤º¸Ãë±Þ¹æÄ§
ÀÚÁÖ¹¯´ÂÁú¹®
±â¼ú°¡À̵å
¹®ÀÇÇϱâ
+
Ȩ
>
°í°´¼¾ÅÍ
°øÁö»çÇ×
Á¦ ¸ñ
[±ä±Þ °øÁö] Bash Ãë¾àÁ¡ ¾÷µ¥ÀÌÆ®
ÀÛ¼ºÀÚ
±è¼±È£ (
se@hhosting.co.kr
)
µî·ÏÁ¤º¸
2014-10-02 18:05:13
Á¶È¸¼ö
21621
¾È³çÇϼ¼¿ä~ Çϳª·ÎÈ£½ºÆÃÀÔ´Ï´Ù
Bash 4.3 version Ãë¾àÁ¡ ¾È³».
°ü·Ã±â»ç : http://www.zdnet.co.kr/news/news_view.asp?artice_id=20140925112954&type=xml
bash°¡ 4.3À̻󿡼 ÆÐÄ¡µÇ¾ú´Ù°í ÇÏ´øµ¥ 4.3ÀÌ¶óµµ ¿©ÀüÈ÷ Ãë¾àÁ¡¿¡ ³ëÃâµÈ´Ù°í ÇÕ´Ï´Ù.
(6.4¿¡¼ bash°¡ 4.3¹öÀüÀε¥ Ãë¾àÁ¡ ³ëÃâ»óÅ·ΠȮÀεÊ)
¾Æ·¡ ¸í·É¾î ÀÔ·ÂÇÏ¿© Ãë¾àÁ¡ Á¡°Ë °¡´ÉÇÕ´Ï´Ù.
1. È®Àιý
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
°á°ú -> Ãë¾à
vulnerable
this is test
°á°ú -> Ãë¾àÁ¡ ÆÐÄ¡ Àû¿ë
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test
¶Ç´Â
this is a test
2. ¾÷µ¥ÀÌÆ®¹ý
(1) CentOs
yum update bash
(2) Unbuntu
sudo apt-get install --only-upgrade bash
(3) RedHat
´ëü ÈÄ, »ç¿ëÇÒ ¹öÀü ¸Â°Ô ¸í·É¾î ÀÔ·Â
rpm —import http://mirror.centos.org/centos/ (¹öÀü¿¡ µû¶ó ÀÔ·Â)
(ex : rpm —import http://mirror.centos.org/centos/5/os/x86_64/RPM-GPG-KEY-CentOS-5)
yum update bash
(4)debian
sudo apt-get install bash
3.¾÷µ¥ÀÌÆ® ÈÄ ´Ù½Ã Çѹø Ãë¾àÁ¡ Á¡°ËÀ» ÇÏ½Ã¸é µË´Ï´Ù.
°øÁö»çÇ×À» º¸½Ã¸é ¼¹ö¿¡ Á¢¼ÓÇϼż ²À ¾÷µ¥ÀÌÆ® ÇØÁֽñ⠹ٶø´Ï´Ù.
¸¸¾à¿¡ ¾÷µ¥ÀÌÆ®°¡ °¡´ÉÇÏÁö ¾Ê´Ù¸é Áö¿ø¿äû¿¡ ³²°ÜÁֽñ⠹ٶø´Ï´Ù.
°øÁö»çÇ×
ÃÑ 71 °Ç
¹øÈ£
Á¦¸ñ
µî·ÏÀÏ
Á¶È¸¼ö
=>
[±ä±Þ °øÁö] Bash Ãë¾àÁ¡ ¾÷µ¥ÀÌÆ®
2014-10-02
21621
52
[º¸¾È]OpenSSL ´ÙÁß Ãë¾àÁ¡ º¸¾È¾÷µ¥ÀÌÆ® ±Ç°í
2014-06-17
21641
51
[º¸¾È] OpenSSL Ãë¾àÁ¡ À̽´(HeartBleed)
2014-04-17
25436
50
[SK IDC] ±¹Á¦¸Á ¹éº»¶ó¿ìÅÍ ±³Ã¼ ÀÛ¾÷
2014-02-04
21702
49
[È£½ºÆ®¿þÀÌ] 2013³â 12¿ù 1Â÷ HOSTWAY ³×Æ®¿öÅ© Á¤±â Á¡°Ë °øÁö
2013-12-03
21746
48
[SK IDC] ±¹Á¦¸Á ¹éº»¶ó¿ìÅÍ Á¤±â¸®ºÎÆÃ ÀÛ¾÷
2013-11-18
18615
47
È£½ºÆ®¿þÀÌ IDC ÀÛ¾÷¾È³»
2013-11-15
18123
46
Çϳª·ÎÈ£½ºÆÃ 2012³â »çȸ°øÇå Ȱµ¿
2013-02-12
25094
45
SK IDC ¹éº» PM ÀÛ¾÷ °ü·Ã °øÁö[2Â÷]
2012-06-21
23650
44
SK IDC ¹éº» PM ÀÛ¾÷ °ü·Ã °øÁö
2012-06-12
22501
43
¹éº»½ºÀ§Ä¡ PM ÀÛ¾÷ °ü·Ã ¾È³»
2012-03-13
23000
42
ºÐ´ç ¼¾ÅÍ ³×Æ®¿öÅ© Á¡°Ë ÀÛ¾÷¾È³»
2011-12-07
23129
41
¼ÃÊ1¼¾ÅÍ ¹éº»½ºÀ§Ä¡ Á¤±â¸®ºÎÆÃ ÀÛ¾÷
2011-07-29
25425
40
Çϳª·ÎÈ£½ºÆÃ°ú ³Ø½ºÆ®¿÷½º °£ÀÇ Àμö ÇÕº´¿¡ µû¸¥ ¾÷¹« º¯°æ ¾È³»¹® ÀÔ´Ï´Ù.
2011-01-24
32483
39
¼¹öŬ¸¯ Àμö¿¡ µû¸¥ ¾È³»¹®
2008-08-06
71618
38
Çϳª·ÎÅÚ·¹ÄÞIDC ±¹Á¦¸Á °ÔÀÌÆ®¿þÀÌ ¶ó¿ìÅÍ °³¼±ÀÛ¾÷(2Â÷)
2007-05-10
48555
37
Çϳª·ÎÅÚ·¹ÄÞIDC ¹éº»½ºÀ§Ä¡ IOS ¾÷±×·¹À̵å
2007-05-04
48936
36
Çϳª·ÎÅÚ·¹ÄÞIDC ±¹Á¦¸Á °ÔÀÌÆ®¿þÀÌ ¶ó¿ìÅÍ °³¼±ÀÛ¾÷
2007-05-03
48730
[1]
[2]
[3]
[4]
Á¦¸ñ
³»¿ë