CVE-20-8597 ¸®´ª½º pppd µ¥¸ó Ãë¾àÁ¡ °ü·Ã Áú¹® ( Çì³î¸®Áö ¹× esxi °ü·Ã Áú¹®)
160;안녕Ȣ16;세요! 다른,172; 아니라 최근 1060;슈.104;고1080;lj16; 보안문1228;1064;160;
pppd 데몬 ȏ12;약1216;1004;/196; 오버플/196;Ǻ12; 시켜서 시스템에 영향1012; 0120;칠수1080;lj16; ȏ12;약1216;1060;나와서160;
1312;치를 할/140;고Ȣ16;lj16;데 헤놀리1648; ᅆ1;우 데몬1060;1080;긴Ȣ16;고160;
또 .so 파1068;/196;생성.104;1080;lj16;,152;/196;볼ǐ12; 뭔가 Ǹ16;lj16;,144;같고160;
vmware esxilj16; 아1649; 보1648;lj16; 못했1648;만 1060;,163;도 왠1648; pppd 라lj16; 데몬1060; 1080;1012;,144;같1008;데 1648;우1088;고Ȣ16;니 Ǹ16;lj16;,144;같고160;
Ǻ12;떻,172; 1312;치를 Ȣ16;면1339;1012;1648; 모르,192;습니다160;
가1109;1339;1008;,148; 1648;우lj16;,148;데 말1060;1424; ..
1060; 데몬1008;160;
/usr/sbin/pppd
/usr/lib64/pppd
1060;/111;,172; .160;군대에 위치해1080;습니다160;
https://blog.alyac.co.kr/2808160;
아래lj16; 보안 디테1068;1077;니다 (시놀리1648; )160;
https://www.synology.com/ko-kr/security/advisory/Synology_SA_20_02
Affected Products
Product | Severity | Fixed Release Availability |
---|---|---|
DSM 6.2 | Important | Ongoing |
SkyNAS | Not affected | N/A |
VS960HD | Moderate | Ongoing |
SRM 1.2 | Important | Ongoing |
VPNCenter 1.4 | Not affected | N/A |
VPNPlusServer 1.4 | Not affected | N/A |
여기서볼ǐ12; dsm SRM1.2 VS960 HD가 영향1060;1080;다고합니다160;
Mitigation
If you need immediate assistance, please contact Synology technical support via160;https://account.synology.com/support.
Detail
- CVE-2020-8597
- Severity: Important
- CVSS3 Base Score: 8.1
- CVSS3 Vector:160;CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
Reference