[º¸¾È´º½º ÁÖ¼ÒÇü] ÇöÁö ½Ã°¢À¸·Î 6¿ù 29ÀÏ, ¿ì¸®³ª¶ó ½Ã°£À¸·Î´Â ´ë·« 29ÀÏ¿¡¼ 30ÀÏ·Î ³Ñ¾î¿À´Â ¹ã »çÀÌ¿¡ ¹Ì±¹ÀÇ National Vulnerability DatabaseÀ» ÅëÇØ ¹ßÇ¥µÈ Ãë¾àÁ¡µéÀÔ´Ï´Ù.
1. CVE-2015-0196
IBM WebSphere Commerce 6.0~6.0.0.11, 7.0, 7.0.0.8 ÀÌÀü ¹öÀü ¹× Cumulative iFix 2¿¡¼ ¹ß°ßµÈ CRLF ÁÖÀÔ Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ ¿ø°Ý¿¡¼ Á¶ÀÛµÈ URLÀ» ÅëÇØ ÀÓÀÇÀÇ HTTP Çì´õ¸¦ ÁÖÀÔÇÒ ¼ö ÀÖ°Ô ÇØÁÝ´Ï´Ù.
2. CVE-2015-0545
VMAX 8.x, 8.0.3.4 ÀÌÀü ¹öÀüÀÇ EMC Unisphere¿¡¼ JDWP ¼ºñ½º¸¦ ¼Â¾÷ÇÒ ¶§ ¹ß°ßµÈ Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ ¿ø°Ý¿¡¼ ¸í½ÃµÇÁö ¾ÊÀº º¤Å͸¦ ÅëÇØ ÀÓÀÇÀÇ Äڵ带 ½ÇÇàÇÒ ¼ö ÀÖ°Ô ÇØÁÝ´Ï´Ù.
3. CVE-2015-1900
UNIX allowsÀÇ IBM InfoSphere DataStage 8.1, 8.5, 8.7, 9.1, 11.3~11.3.1.2 ¹öÀü¿¡¼ ¹ß°ßµÈ Ãë¾àÁ¡À¸·Î ·ÎÄà »ç¿ëÀÚ°¡ ¸í½ÃµÇÁö ¾ÊÀº º¤Å͸¦ ÅëÇØ ½ÇÇà °¡´ÉÇÑ ÆÄÀÏÀ» ¿¶÷ÇÒ ¼ö ÀÖ°Ô ÇÏ°í root Ư±ÇÀ» ¾òÀ» ¼ö ÀÖÀ» ¼ö ÀÖ°Ô ÇØÁÝ´Ï´Ù.
Copyrighted 2015. UBM-Tech. 117153:0515BC
[±¹Á¦ºÎ ÁÖ¼ÒÇü ±âÀÚ(sochu@boannews.com)]
<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(http://www.boannews.com/) ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>
ÁÖ¼ÒÇü±âÀÚ ±â»çº¸±â
.png)
.jpg)
