.jpg)
CVE-2015-3810, CVE-2015-3811
[º¸¾È´º½º ÁÖ¼ÒÇü] ÇöÁö ½Ã°¢À¸·Î 5¿ù 26ÀÏ, ¿ì¸®³ª¶ó ½Ã°£À¸·Î´Â ´ë·« 26ÀÏ¿¡¼ 27ÀÏ·Î ³Ñ¾î¿À´Â ¹ã »çÀÌ¿¡ ¹Ì±¹ÀÇ National Vulnerability DatabaseÀ» ÅëÇØ ¹ßÇ¥µÈ Ãë¾àÁ¡µéÀÔ´Ï´Ù.
1. CVE-2015-0986
Moxa VPort ActiveX SDK Plus 2.8 ÀÌÀü ¹öÀü¿¡¼ ¹ß°ßµÈ ´Ù¼öÀÇ ½ºÅà ¹öÆÛ¿À¹öÇ÷οì Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ ¿ø°Ý¿¡¼ µî·ÏÅ°(regkey) 1) set, 2) get ¸í·É¾î°¡ Æ÷ÇÔµÈ º¤Å͸¦ ÅëÇØ ¾î¼Àºí¸® ÄÚµå ¶óÀÎÀ» »ðÀÔÇÒ ¼ö ÀÖ°Ô ÇØÁÝ´Ï´Ù.
2. CVE-2015-3808
epan/dissectors/packet-lbmr.c, LBMR Çص¶±â, Wireshark 1.12x ¹× 1.12.5 ÀÌÀü ¹öÀüÀÇ dissect_lbmr_pser ±â´É¿¡¼ ¹ß°ßµÈ Ãë¾àÁ¡À¸·Î zero length¸¦ °ÅºÎÇÏ°Ô ÇØÁÝ´Ï´Ù. ¶ÇÇÑ ÀÌ´Â °ø°ÝÀÚ°¡ ¿ø°ÝÀ¸·Î Á¶ÀÛµÈ ÆÐŶÀ» ÅëÇØ ¼ºñ½º¸¦ °ÅºÎ¸¦ ÇÒ ¼ö ÀÖ°Ô ÇØÁÝ´Ï´Ù.
3. CVE-2015-3809
epan/dissectors/packet-lbmr.c, LBMR Çص¶±â, Wireshark 1.12.x ¹× 1.12.5 ÀÌÀü ¹öÀüÀÇ dissect_lbmr_pser ±â´É¿¡¼ ¹ß°ßµÈ Ãë¾àÁ¡À¸·Î ÇöÀç offsetÀ» Á¦´ë·Î trackÇÒ ¼ö ¾ø°Ô ÇØÁÝ´Ï´Ù. ¶ÇÇÑ ÀÌ´Â °ø°ÝÀÚ°¡ ¿ø°ÝÀ¸·Î Á¶ÀÛµÈ ÆÐŶÀ» ÅëÇØ ¼ºñ½º °ÅºÎ¸¦ ÇÒ ¼ö ÀÖ°Ô ÇØÁÝ´Ï´Ù.
4. CVE-2015-3810
Wireshark 1.12.x ¹× 1.12.5 ÀÌÀü ¹öÀüÀÇ epan/dissectors/packet-websocket.c¿¡¼ ¹Ýº¹µÇ´Â ¾Ë°í¸®ÁòÀ¸·Î °ø°ÝÀÚ°¡ ¿ø°Ý¿¡¼ Á¶ÀÛµÈ ÆÐŶÀ» ÅëÇØ ¼ºñ½º °ÅºÎ¸¦ ÇÒ ¼ö ÀÖ°Ô ÇØÁÝ´Ï´Ù.
5. CVE-2015-3811
WCP Çص¶±â, Wireshark 1.10.x, 1.10.14, 1.12.x, 1.12.5 ÀÌÀü ¹öÀüÀÇ epan/dissectors/packet-wcp.c¿¡¼ °¡°øÇÑ ¹ÙÀÌÆ®¸¦ ºÎÀûÀýÇÏ°Ô ³ªÅ¸³ª°Ô ÇØÁÖ¾î °ø°ÝÀÚ°¡ ¿ø°Ý¿¡¼ Á¶ÀÛµÈ ÆÐŶÀ» ÅëÇØ ¼ºñ½º °ÅºÎ¸¦ ÇÒ ¼ö ÀÖ°Ô ÇØÁÝ´Ï´Ù. ÀÌ´Â CVE-2015-2188°ú´Â ´Ù¸¥ Ãë¾àÁ¡ÀÔ´Ï´Ù.
Copyrighted 2015. UBM-Tech. 117153:0515BC
[±¹Á¦ºÎ ÁÖ¼ÒÇü ±âÀÚ(sochu@boannews.com)]
<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(http://www.boannews.com/) ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>
ÁÖ¼ÒÇü±âÀÚ ±â»çº¸±â
[2024-11-01] 
.jpg)
