| 오라클, 101개 긴급 보안패치 발표 | 2006.10.23 |
국정원, “오라클 SW 취약성 점검 및 패치” 당부 오라클이 자사의 여러 소프트웨어 애플리케이션에 영향을 주는 101개의 보안 취약성을 해결한 ‘Critical Patch Update’를 발표했다. 국가사이버안전센터 관계자는 “오라클 소프트웨어를 사용하는 각급기관 정보보안담당자들은 취약한 애플리케이션이 있는지 확인하고, 해당 패치를 조속히 적용하기를 당부한다”고 밝혔다.
센터 관계자는 “이 취약성들 중 일부는 취약한 서버를 완전히 장악하는데 악용될 수 있으며, 다른 취약성은 컴퓨터의 가용성, 기밀성 또는 무결성에 영향을 줄 수 있다. 또한, 원격 공격과 로컬 공격 모두 가능하며, 인증우회기법을 활용하여 컴퓨터가 완전히 장악될 수 있다. 이번에 발표된 101개의 취약성에 대한 공격코드들이 이미 존재하는지에 대해서는 아직 알려지지 않았다”며 “해당 담당자들은 조속히 보안패치를 적용할 것을 권고한다”고 밝혔다. <영향받는 시스템> Oracle Application Server 10g 9.0.4 .1 Oracle Application Server 10g 9.0.4 .2 Oracle Application Server 10g 9.0.4 Oracle Application Server 10g 9.0.4 .3 Oracle Application Server Release 2 9.0.2 .3 Oracle Collaboration Suite Release 1 10.1.2 Oracle Collaboration Suite Release 2 9.0.4 .2 Oracle Developer Suite 10.1.2 .0.2 Oracle Developer Suite 10.1.2 .2 Oracle Developer Suite 6 i Oracle Developer Suite 9.0.4 .1 Oracle Developer Suite 9.0.4 .2 Oracle Developer Suite 9.0.4 .3 Oracle E-Business Suite 11.0.0 Oracle E-Business Suite 11i 11.5.10 Oracle E-Business Suite 11i 11.5.10 CU2 Oracle E-Business Suite 11i 11.5.7 Oracle E-Business Suite 11i 11.5.8 Oracle E-Business Suite 11i 11.5.9 Oracle HTML DB 1.5.0 Oracle HTML DB 1.5.1 Oracle HTML DB 1.6.0 Oracle HTML DB 1.6.1 Oracle HTML DB 2.0.0 Oracle JD Edwards EnterpriseOne 8.95.0 _F1 Oracle JD Edwards EnterpriseOne 8.95 .J1 Oracle JD Edwards EnterpriseOne 8.96 Oracle JD Edwards EnterpriseOne 8.95 Oracle JD Edwards EnterpriseOne 8.95.0 _B1 Oracle OneWorld Tools SP23 Oracle Oracle 9i Application Server 1.0.2 .2 Oracle Oracle10g Application Server 10.1.2 Oracle Oracle10g Application Server 10.1.2 .0.1 Oracle Oracle10g Application Server 10.1.2 .0.2 Oracle Oracle10g Application Server 10.1.2 .1.0 Oracle Oracle10g Application Server 10.1.3 .0.0 Oracle Oracle10g Application Server 9.0.4 .0 Oracle Oracle10g Application Server 9.0.4 .1 Oracle Oracle10g Application Server 9.0.4 .2 Oracle Oracle10g Enterprise Edition 10.1.0 .0.3 Oracle Oracle10g Enterprise Edition 10.1.0 .0.4 Oracle Oracle10g Enterprise Edition 10.2.0 .1 Oracle Oracle10g Enterprise Edition 10.2.0 .2 Oracle Oracle10g Personal Edition 10.1.0 .0.3 Oracle Oracle10g Personal Edition 10.1.0 .0.4 Oracle Oracle10g Personal Edition 10.2.0 .1 Oracle Oracle10g Personal Edition 10.2.0 .2 Oracle Oracle10g Standard Edition 10.1.0 .0.3 Oracle Oracle10g Standard Edition 10.1.0 .0.4 Oracle Oracle10g Standard Edition 10.1.0 .0.5 Oracle Oracle10g Standard Edition 10.2.0 .1 Oracle Oracle10g Standard Edition 10.2.0 .2 Oracle Oracle8i Enterprise Edition 8.1.7 .4 Oracle Oracle8i Standard Edition 8.1.7 .4 Oracle Oracle9i Application Server 9.0.2 .3 Oracle Oracle9i Application Server 9.0.3 .1 Oracle Oracle9i Enterprise Edition 9.0.1 .4 Oracle Oracle9i Enterprise Edition 9.0.1 .5 Oracle Oracle9i Enterprise Edition 9.0.1 .5 FIPS Oracle Oracle9i Enterprise Edition 9.2.0 .0.5 Oracle Oracle9i Enterprise Edition 9.2.0 .6 Oracle Oracle9i Enterprise Edition 9.2.0 .7 Oracle Oracle9i Personal Edition 9.0.1 .4 Oracle Oracle9i Personal Edition 9.0.1 .5 Oracle Oracle9i Personal Edition 9.0.1 .5 FIPS Oracle Oracle9i Personal Edition 9.2.0 .0.5 Oracle Oracle9i Personal Edition 9.2.0 .6 Oracle Oracle9i Personal Edition 9.2.0 .7 Oracle Oracle9i Standard Edition 9.0.1 .4 Oracle Oracle9i Standard Edition 9.0.1 .5 Oracle Oracle9i Standard Edition 9.0.1 .5 FIPS Oracle Oracle9i Standard Edition 9.2.0 .0.5 Oracle Oracle9i Standard Edition 9.2.0 .6 Oracle Oracle9i Standard Edition 9.2.0 .7 Oracle PeopleSoft Enterprise PeopleTools 8.22 Oracle PeopleSoft Enterprise PeopleTools 8.46 Oracle PeopleSoft Enterprise PeopleTools 8.47 Oracle PeopleSoft Enterprise PeopleTools 8.48 Oracle PeopleSoft Enterprise Portal 8.8 Oracle PeopleSoft Enterprise Portal 8.9 Oracle PeopleSoft Enterprise Tools 8.46 GA Oracle PeopleSoft Enterprise Tools 8.46.12 Oracle PeopleSoft Enterprise Tools 8.47 GA Oracle PeopleSoft Enterprise Tools 8.47 .01 Oracle PeopleSoft Enterprise Tools 8.47 .02 Oracle PeopleSoft Enterprise Tools 8.47 .03 Oracle PeopleSoft Enterprise Tools 8.47 .04 Oracle Pharmaceutical Applications 4.5.0 Oracle Pharmaceutical Applications 4.5.1 <보안패치 사이트> http://www.oracle.com/technology/deploy/security/critical-patch-updates <관련사이트> http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf http://www.securityfocus.com/advisories/11323 http://www.oracle.com/index.html [길민권 기자(reporter21@boannews.com)] <저작권자: 보안뉴스(www.boannews.com) 무단전재-재배포금지> |
|
 |
