본문 바로가기

취약점 정보1

bash에 존재하는 취약점 "Shellshock": "CVE-2014-7169」및 「CVE-2014-6271" Linux 등에서 사용되는 오픈 소스 프로그램 "Bourne Again shell (bash)"명령 쉘에 치명적인 취약점이 존재하는 것으로 확인되었습니다. bash는 대부분의 Linux 배포판에서 일반적으로 사용되는 쉘입니다. 공격자는 "Shellshock"라는 취약점 ' CVE-2014-7169」이있는 시스템에서 명령을 실행하는 것이 가능합니다. 즉, 이러한 Linux 배포판을 실행하는 서버에서이 취약점은 원격 코드를 실행하는 것을 허용합니다.■ "Shellshock"취약점이란 무엇인가 Unix 계열의 OS 환경에서 가장 많이 사용되는 쉘에 심각한 문제가 확인되었습니다. 이 결함으로 인해 공격자가 네트워크를 통해 다른 어떤 명령을 수행 할 수 있습니다. 가장 영향을받는 것은 CGI 환경을 사용하여 We.. 더보기
bash에 존재하는 「Shellshock "취약점에 대한주의 Linux 등에서 사용되는 오픈 소스 프로그램 "bash"에 취약점 "Shellshock"(CVE-2014-6271) 밝혀졌습니다.bash는 Linux, BSD, Mac OS X 등의 OS에서 사용되는 "쉘"라는 명령 셸의 하나입니다. 일반 사용자 입장에서 OS의 일부로 간주되는 것이 많다고 생각됩니다.■ "Shellshock"취약점 (CVE-2014-6271)이란? 이 취약점은 Linux 등의 OS에서 사용되는 쉘 "bash"환경 변수 처리의 취약점입니다. 이 취약점을 악용하면 bash를 사용하는 Web 서버가 변조되거나 Linux 서버 등 원격 조작되거나 악성 프로그램에 감염 될 위험이 있습니다.■ 영향을받는 환경은? bash가 구현되는 OS 환경에 영향이 있습니다. 특히 각종 Linux 배포판 및 .. 더보기
Major Android Bug is a Privacy Disaster (CVE-2014-6041) On the night of September 7, 2014, Joe Vennix of Rapid7's Metasploit Products team wrote, "I did not believe this at first, but after some testing it seems true: in AOSP browser before Android 4.4, you can load javascript into any arbitrary frame or window [...]" and provided a Metasploit module to exploit this condition. After some of the usual testing and confirmation of the vulnerability, thi.. 더보기
FreeBSD Denial of Service advisory (CVE-2004-0230) A vulnerability has been discovered by Johnathan Looney at the Juniper SIRT in FreeBSD (base for Junos and many other products) in the way that FreeBSD processes certain TCP packets (https://www.freebsd.org/security/advisories/FreeBSD-SA-14:19.tcp.asc) If you send TCP SYN packets for an existing connection (i.e. the correct source IP, source port, destination IP, destination port combination) th.. 더보기
Multiple Android applications fail to properly validate SSL certificates Multiple Android applications fail to properly validate SSL certificates provided by HTTPS connections, which may allow an attacker to perform a man-in-the-middle (MITM) attack.DescriptionWhen communicating via HTTPS, an application should validate the SSL chain to be sure that the certificate produced by the site was provided by a trusted root certificate authority (CA). Multiple Android applic.. 더보기
WebEdition 6.3.8-s1 SQL Injection Vulnerability WebEdition CMS is an open source CMS written in PHP that seems to be mostly used by german websites. It came to our attention a few months ago, because another party performed an audit on it and came up with some vulnerabilities. Because we always look for nice PHP bugs for our own PHP and web security trainings we had a very quick look into it and were able to find a number of vulnerabilites th.. 더보기
Web Server Attack Investigation - Installing a Bot and Reverse Shell via a PHP Vulnerability With Windows malware getting so much attention nowadays, it's easy to forget that attackers also target other OS platforms. Let's take a look at a recent attempt to install an IRC bot written in Perl by exploiting a vulnerability in PHP.The Initial ProbeThe web server received the initial probe from 46.41.128.231, an IP address that at the time was not flagged as malicious on various blacklists:.. 더보기
Issues with Microsoft Updates Microsoft has updated some bulletins because there are three known issues that can affect your computer.when KB2982791 is installed, fonts that are installed in a location other than the default fonts directory (%windir%\fonts\) cannot be changed when they are loaded into any active sessionFonts do not render correctly after any of the following updates are installed:2982791 MS14-045: Descriptio.. 더보기
PHP 5.3.29 is available, PHP 5.3 reaching end of life The PHP development team announces the immediate availability of PHP 5.3.29. This release marks the end of life of the PHP 5.3 series. Future releases of this series are not planned. All PHP 5.3 users are encouraged to upgrade to the current stable version of PHP 5.5 or previous stable version of PHP 5.4, which are supported till at least 2016 and 2015 respectively.PHP 5.3.29 contains about 25 p.. 더보기
Adobe updates for 2014/08 Adobe has released security updates for Adobe Flash Player, Adobe AIR, Adobe Reader, and Acrobat. The updates are rated as critical and an impressive number of CVE entries. CVE-2014-0538, CVE-2014-0540, CVE-2014-0541, CVE-2014-0542, CVE-2014-0543, CVE-2014-0544, CVE-2014-0545, CVE-2014-0546. Summary: update now. http://helpx.adobe.com/security/products/flash-player/apsb14-18.html http://helpx.ad.. 더보기

티스토리툴바