.jpg)
CVE-2015-8087, CVE-2015-8083, CVE-2015-7984
CVE-2015-7845, CVE-2015-7385
[º¸¾È´º½º ÁÖ¼ÒÇü] ÇöÁö ½Ã°¢À¸·Î 11¿ù 19ÀÏ, ¿ì¸®³ª¶ó ½Ã°£À¸·Î´Â ´ë·« 19ÀÏ¿¡¼ 20ÀÏ·Î ³Ñ¾î¿À´Â ¹ã »çÀÌ¿¡ ¹Ì±¹ÀÇ National Vulnerability DatabaseÀ» ÅëÇØ ¹ßÇ¥µÈ Ãë¾àÁ¡µéÀÔ´Ï´Ù.
1. CVE-2015-8087
¼ÒÇÁÆ®¿þ¾î V800R007C10SPC100 ÀÌÀü ¹öÀüÀÌ Å¾ÀçµÈ Huawei NE20E-S, NE40E-M, NE40E-M2 ¶ó¿ìÅÍ ¹× ¼ÒÇÁÆ®¿þ¾î V800R007C00SPC100 ÀÌÀü ¹öÀüÀÌ Å¾ÀçµÈ NE40E¿Í NE80E¿¡¼ ¹ß°ßµÈ Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ ¿ø°Ý¿¡¼ Á¶ÀÛµÈ MPLS ÆÐŶÀ» ÅëÇØ ´Ù¸¥ VPNÀ¸·Î ÆÐŶÀ» Àü¼ÛÇÏ°í Ç÷¯µù °ø°ÝÀ» ÇÒ ¼ö ÀÖ½À´Ï´Ù. ÀÌ´Â VPN È£ÇÎ Ãë¾àÁ¡°ú µ¿ÀÏÇÕ´Ï´Ù.
2. CVE-2015-8083
¼ÒÇÁÆ®¿þ¾î V200R003C00SPC300 ÀÌÀü ¹öÀüÀÌ Å¾ÀçµÈ Huawei eSpace U1910, U1911, U1930, U1960, U1980¿¡¼ ¹ß°ßµÈ ¸í½ÃµÇÁö ¾ÊÀº ¸ðµâ Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ ¿ø°Ý¿¡¼ ¾Ë·ÁÁöÁö ¾ÊÀº º¤Å͸¦ ÅëÇØ ¼ºñ½º °ÅºÎ¸¦ ÇÒ ¼ö ÀÖ½À´Ï´Ù.
3. CVE-2015-7984
Horde 5.2.8 ÀÌÀü ¹öÀü, Horde Groupware 5.2.11 ÀÌÀü ¹öÀü, Horde Groupware Webmail Edition 5.2.11 ÀÌÀü ¹öÀü¿¡¼ ¹ß°ßµÈ ´Ù¼öÀÇ CSRF Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ ¿ø°Ý¿¡¼ sql ¸Å°³º¯¼ö¸¦ ÅëÇØ °ü¸®ÀÚ ÀÎÁõÀ» ³³Ä¡ÇÒ ¼ö ÀÖ½À´Ï´Ù.
4. CVE-2015-7845
¼ÒÇÁÆ®¿þ¾î V100R001C20SPH605 ÀÌÀü ¹öÀüÀÌ Å¾ÀçµÈ Huawei eSpace U1910, U1911, U1930, U1960, U1980, U1981¿¡¼ ¹ß°ßµÈ Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ ¿ø°Ý¿¡¼ Á¶ÀÛµÈ SSH ÆÐŶÀ» ÅëÇØ ¼ºñ½º °ÅºÎ¸¦ ÇÒ ¼ö ÀÖ½À´Ï´Ù.
5. CVE-2015-7385
Open-Xchange OX Guard 2.0.0-rev11 ÀÌÀü ¹öÀü¿¡¼ ¹ß°ßµÈ XSS Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ ¿ø°Ý¿¡¼ PGP °ø°³ Å° ¾È¿¡ ÀÖ´Â uid Çʵ带 ÅëÇØ ÀÓÀÇÀÇ À¥ ½ºÅ©¸³Æ®³ª HTMLÀ» »ðÀÔÇÒ ¼ö ÀÖ½À´Ï´Ù.
[±¹Á¦ºÎ ÁÖ¼ÒÇü ±âÀÚ(sochu@boannews.com)]
CVE-2015-7845, CVE-2015-7385
[º¸¾È´º½º ÁÖ¼ÒÇü] ÇöÁö ½Ã°¢À¸·Î 11¿ù 19ÀÏ, ¿ì¸®³ª¶ó ½Ã°£À¸·Î´Â ´ë·« 19ÀÏ¿¡¼ 20ÀÏ·Î ³Ñ¾î¿À´Â ¹ã »çÀÌ¿¡ ¹Ì±¹ÀÇ National Vulnerability DatabaseÀ» ÅëÇØ ¹ßÇ¥µÈ Ãë¾àÁ¡µéÀÔ´Ï´Ù.
1. CVE-2015-8087
¼ÒÇÁÆ®¿þ¾î V800R007C10SPC100 ÀÌÀü ¹öÀüÀÌ Å¾ÀçµÈ Huawei NE20E-S, NE40E-M, NE40E-M2 ¶ó¿ìÅÍ ¹× ¼ÒÇÁÆ®¿þ¾î V800R007C00SPC100 ÀÌÀü ¹öÀüÀÌ Å¾ÀçµÈ NE40E¿Í NE80E¿¡¼ ¹ß°ßµÈ Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ ¿ø°Ý¿¡¼ Á¶ÀÛµÈ MPLS ÆÐŶÀ» ÅëÇØ ´Ù¸¥ VPNÀ¸·Î ÆÐŶÀ» Àü¼ÛÇÏ°í Ç÷¯µù °ø°ÝÀ» ÇÒ ¼ö ÀÖ½À´Ï´Ù. ÀÌ´Â VPN È£ÇÎ Ãë¾àÁ¡°ú µ¿ÀÏÇÕ´Ï´Ù.
2. CVE-2015-8083
¼ÒÇÁÆ®¿þ¾î V200R003C00SPC300 ÀÌÀü ¹öÀüÀÌ Å¾ÀçµÈ Huawei eSpace U1910, U1911, U1930, U1960, U1980¿¡¼ ¹ß°ßµÈ ¸í½ÃµÇÁö ¾ÊÀº ¸ðµâ Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ ¿ø°Ý¿¡¼ ¾Ë·ÁÁöÁö ¾ÊÀº º¤Å͸¦ ÅëÇØ ¼ºñ½º °ÅºÎ¸¦ ÇÒ ¼ö ÀÖ½À´Ï´Ù.
3. CVE-2015-7984
Horde 5.2.8 ÀÌÀü ¹öÀü, Horde Groupware 5.2.11 ÀÌÀü ¹öÀü, Horde Groupware Webmail Edition 5.2.11 ÀÌÀü ¹öÀü¿¡¼ ¹ß°ßµÈ ´Ù¼öÀÇ CSRF Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ ¿ø°Ý¿¡¼ sql ¸Å°³º¯¼ö¸¦ ÅëÇØ °ü¸®ÀÚ ÀÎÁõÀ» ³³Ä¡ÇÒ ¼ö ÀÖ½À´Ï´Ù.
4. CVE-2015-7845
¼ÒÇÁÆ®¿þ¾î V100R001C20SPH605 ÀÌÀü ¹öÀüÀÌ Å¾ÀçµÈ Huawei eSpace U1910, U1911, U1930, U1960, U1980, U1981¿¡¼ ¹ß°ßµÈ Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ ¿ø°Ý¿¡¼ Á¶ÀÛµÈ SSH ÆÐŶÀ» ÅëÇØ ¼ºñ½º °ÅºÎ¸¦ ÇÒ ¼ö ÀÖ½À´Ï´Ù.
5. CVE-2015-7385
Open-Xchange OX Guard 2.0.0-rev11 ÀÌÀü ¹öÀü¿¡¼ ¹ß°ßµÈ XSS Ãë¾àÁ¡À¸·Î °ø°ÝÀÚ°¡ ¿ø°Ý¿¡¼ PGP °ø°³ Å° ¾È¿¡ ÀÖ´Â uid Çʵ带 ÅëÇØ ÀÓÀÇÀÇ À¥ ½ºÅ©¸³Æ®³ª HTMLÀ» »ðÀÔÇÒ ¼ö ÀÖ½À´Ï´Ù.
[±¹Á¦ºÎ ÁÖ¼ÒÇü ±âÀÚ(sochu@boannews.com)]
<ÀúÀÛ±ÇÀÚ: º¸¾È´º½º(www.boannews.com) ¹«´ÜÀüÀç-Àç¹èÆ÷±ÝÁö>
ÁÖ¼ÒÇü±âÀÚ ±â»çº¸±â
[2024-11-01] 
.jpg)
