Users of Samba 4.4.15 and earlier, 4.5.13, and 4.6.7 must update
[Boan News, reporter Kim Kyung-ae] Vulnerabilities have been found in the Samba software. Users of older versions may be vulnerable to denial-of-service and man-in-the-middle attacks and should update to the latest version.
A man-in-the-middle (MITM) attack is a hacking technique in which an attacker positioned between communicating devices alters or eavesdrops on data in order to manipulate the content of the communication.
[Image: screenshot of the Samba website]
The vulnerabilities found this time are: △ when SMBv1, v2, or v3 is used, a vulnerability that allows a man-in-the-middle attack because some functions do not perform client authentication (CVE-2017-12150); △ when SMBv3 is used, a vulnerability that allows a man-in-the-middle attack because of insufficient data encryption in DFS (Distributed File System) communication (CVE-2017-12151); △ when SMBv1 is used, a vulnerability in which a malformed data request allows a client to expose server memory information (CVE-2017-12163).
The affected software is as follows.
Accordingly, users of Samba 4.4.15 and earlier should update to version 4.4.16, users of Samba 4.5.13 to version 4.5.14, and users of Samba 4.6.7 to version 4.6.8.
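The update guidance above can be turned into a host check. The following is an added example, not code from the article or from the Samba project. The function names are hypothetical, and it assumes that within the 4.5 and 4.6 series every release below the fixed one needs the update (the article names only 4.5.13 and 4.6.7).

```shell
#!/bin/sh
# Added example: map a Samba version string to the fixed release named in the article.

# Fixed release per series, taken from the article text.
fixed_for_series() {
    case "$1" in
        4.4) echo 4.4.16 ;;
        4.5) echo 4.5.14 ;;
        4.6) echo 4.6.8 ;;
        *)   return 1 ;;   # series not covered by the article
    esac
}

# Extract "major.minor.patch" from text such as "Version 4.5.13-Debian".
extract_version() {
    printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' |
        head -n 1
}

# Prints one of: "update-to <version>", "ok", "unknown".
samba_update_advice() {
    ver=$(extract_version "$1")
    [ -n "$ver" ] || { echo unknown; return 0; }
    major=${ver%%.*}; rest=${ver#*.}
    minor=${rest%%.*}; patch=${rest#*.}
    # Releases older than the 4.4 series fall under "4.4.15 and earlier".
    if [ "$major" -lt 4 ] || { [ "$major" -eq 4 ] && [ "$minor" -lt 4 ]; }; then
        echo "update-to 4.4.16"; return 0
    fi
    fixed=$(fixed_for_series "$major.$minor") || { echo unknown; return 0; }
    # Assumption: any patch level below the fixed release needs the update.
    if [ "$patch" -lt "${fixed##*.}" ]; then
        echo "update-to $fixed"
    else
        echo ok
    fi
}

# Usage on a host with Samba installed:
#   samba_update_advice "$(smbd --version)"
```

Distribution packages may carry backported fixes without changing the upstream version number, so an "update-to" result on a distro build should be confirmed against the vendor's advisory.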
For further details, contact the Internet Incident Response Center of the Korea Internet & Security Agency (dial 118, no area code).
[Reference sites]
[1] https://www.samba.org/samba/history/
[2] https://www.samba.org/samba/security/CVE-2017-12150.html
[3] https://www.samba.org/samba/security/CVE-2017-12151.html
[4] https://www.samba.org/samba/security/CVE-2017-12163.html
[5] https://download.samba.org/pub/samba/patches/samba-4.4.15-4.4.16.diffs.gz
[6] https://download.samba.org/pub/samba/patches/samba-4.5.13-4.5.14.diffs.gz
[7] https://download.samba.org/pub/samba/patches/samba-4.6.7-4.6.8.diffs.gz
[Reporter Kim Kyung-ae (boan3@boannews.com)]