OpenSSH Á¦Ç° º¸¾È ¾÷µ¥ÀÌÆ® ±Ç°í
°ü¸®ÀÚ ( hhosting@hhosting.co.kr ) 2024-07-11 09:11:42
Á¶È¸¼ö 1,169
¡à °³¿ä
o OpenSSH¿¡¼ ¹ß»ýÇÏ´Â Ãë¾àÁ¡À» ÇØ°áÇÑ º¸¾È ¾÷µ¥ÀÌÆ® ¹ßÇ¥ [1]
o ¿µÇâ¹Þ´Â ¹öÀüÀ» »ç¿ë ÁßÀÎ ½Ã½ºÅÛ »ç¿ëÀÚ´Â ÇØ°á ¹æ¾È¿¡ µû¶ó ÃֽŠ¹öÀüÀ¸·Î ¾÷µ¥ÀÌÆ® ±Ç°í
¡à ¼³¸í
o OpenSSH¿¡¼ ¹ß»ýÇÏ´Â ·¹À̽º ÄÁµð¼Ç Ãë¾àÁ¡À¸·Î ÀÎÇØ ¿ø°Ý ÄÚµå ½ÇÇà °¡´É (CVE-2024-6387) [3][4]
¡à ¿µÇâ¹Þ´Â Á¦Ç° ¹× ÇØ°á ¹æ¾È
Ãë¾àÁ¡
Á¦Ç°¸í
¿µÇâ¹Þ´Â ¹öÀü
ÇØ°á ¹öÀü
CVE-2024-6387
OpenSSH
4.4p1 ±îÁö*(Á¦¿Ü)
9.8p1
8.5p1ºÎÅÍ(Æ÷ÇÔ) ~
9.8p1 ±îÁö(Á¦¿Ü)
* CVE-2006-5051, CVE-2008-4109 Ãë¾àÁ¡ ÆÐÄ¡°¡ Àû¿ëµÉ °æ¿ì ¾çÈ£ÇÏÁö¸¸ ÃֽŠÆÐÄ¡·Î ¾÷µ¥ÀÌÆ® ±ÇÀå
¡Ø ÇÏ´ÜÀÇ Âü°í»çÀÌÆ®¸¦ È®ÀÎÇÏ¿© ¾÷µ¥ÀÌÆ® ¼öÇà [2]
¡à Âü°í»çÀÌÆ®
[1] https://www.openssh.com/security.html
[2] https://www.openssh.com/txt/release-9.8
[3] https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
[4] https://nvd.nist.gov/vuln/detail/CVE-2024-6387
¡à ¹®ÀÇ»çÇ×
o Çѱ¹ÀÎÅͳÝÁøÈï¿ø »çÀ̹ö¹Î¿ø¼¾ÅÍ: ±¹¹ø¾øÀÌ 118
¡à ÀÛ¼º: À§ÇùºÐ¼®´Ü Ãë¾àÁ¡ºÐ¼®ÆÀ