VMware ESXi OpenSLP µî ¿ø°ÝÄÚµå ½ÇÇà Ãë¾àÁ¡ ¹ß°ß
[º¸¾È´º½º ¹Î¼¼¾Æ] VMware´Â ESXi¿Í vCenter ServerÀÇ Ãë¾àÁ¡À» ÇØ°áÇÑ º¸¾È ¾÷µ¥ÀÌÆ®¸¦ ¹ßÇ¥Çß´Ù.
VMware ESXi OpenSLP ¹× vCenter Server JMX RMI¿¡¼ ¿ø°Ý ÄÚµå ½ÇÇà Ãë¾àÁ¡À» ¾Ç¿ëÇÑ ÇÇÇØ°¡ ¹ß»ýÇÒ ¼ö ÀÖ¾î ÇØ´ç ½Ã½ºÅÛÀ» »ç¿ëÇÏ´Â ÀÌ¿ëÀÚµéÀº ÃֽŠ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ®ÇÏ´Â °ÍÀÌ ¾ÈÀüÇÏ´Ù.
ÇØ´ç Ãë¾àÁ¡¿¡ ¿µÇâ¹Þ´Â ¹öÀüÀº ¡âVMware ESXi 6.0 ¡âVMware ESXi 5.5 ¡âVMware ESXi 5.1 ¡âVMware ESXi 5.0 ¡âVMware vCenter Server 6.0 ¡âVMware vCenter Server 5.5 ¡âVMware vCenter Server 5.1 ¡âVMware vCenter Server 5.0 ¹öÀüÀÌ´Ù.
vCenter Server »ç¿ëÀÚ¿Í ESXi »ç¿ëÀڴ ȨÆäÀÌÁö¿¡¼ ÇØ´ç ÆÐÄ¡¹öÀüÀ» Á÷Á¢ ´Ù¿î·Îµå(°¢°¢ https://www.vmware.com/go/download-vsphere, https://www.vmware.com/patchmgr/findPatch.portal#sthash.dUkCrU0Z.dpuf)ÇØ Ãë¾àÁ¡À» ÇØ°áÇÒ ¼ö ÀÖ´Ù.
ÀÌ¿Í °ü·ÃÇÑ ÀÚ¼¼ÇÑ »çÇ×Àº ¾Æ·¡ÀÇ Âü°í»çÀÌÆ®¸¦ È®ÀÎÇϰųª Çѱ¹ÀÎÅͳÝÁøÈï¿ø ÀÎÅͳÝħÇØ´ëÀÀ¼¾ÅÍ(±¹¹ø¾øÀÌ 118)·Î ¹®ÀÇÇÏ¸é µÈ´Ù.
[Âü°í»çÀÌÆ®]
1.http://www.vmware.com/security/advisories/VMSA-2015-0007.html
2.https://www.7elements.co.uk/resources/blog/cve-2015-2342-remote-code-execution-within-vmware-vcenter/
[¹Î¼¼¾Æ ±âÀÚ(boan5@boannews.com)]
<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(http://www.boannews.com/) ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>