Gadu-Gadu文件对话框下载伪造文件扩展漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1108132 漏洞类型 设计错误
发布时间 2004-08-23 更新时间 2006-01-24
CVE编号 CVE-2004-2530 CNNVD-ID CNNVD-200412-367
漏洞平台 Windows CVSS评分 2.6
|漏洞来源
https://www.exploit-db.com/exploits/24404
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200412-367
|漏洞详情
Gadu-Gadu是一款聊天客户端。Gadu-Gadu不正确处理文件扩展名,远程攻击者可以利用这个漏洞伪造扩展名,发送恶意文件给Gadu-Gadu客户端接收。BartoszKwitkowski报告远程验证用户可以建立包含特殊文件名的链接,当Gadu-Gadu接收处理时会以伪造的文件扩展名显示文件并下载,这可通过在文件实际扩展名后追加大量空格字符完成。
|漏洞EXP
source: http://www.securityfocus.com/bid/11017/info

Gadu-Gadu is a Polish instant messaging application for Microsoft Windows operating systems.

It is reported that the Gadu-Gadu instant messenger application contains a weakness allowing attackers to obfuscate file extensions.

This may allow an attacker to send potentially malicious executable files to users who think that they are downloading files that are believed to be harmless. 

file.ext%20(220%20kB)%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20.exe
|参考资料

来源:XF
名称:gadu-gadu-file-ext-spoof(17105)
链接:http://xforce.iss.net/xforce/xfdb/17105
来源:BID
名称:11017
链接:http://www.securityfocus.com/bid/11017
来源:OSVDB
名称:9162
链接:http://www.osvdb.org/9162
来源:SECTRACK
名称:1011037
链接:http://securitytracker.com/id?1011037
来源:VULN-DEV
名称:20040821GADU-GADUInstantmessanger-longfilename
链接:http://seclists.org/lists/vuln-dev/2004/Aug/0007.html
来源:NSFOCUS
名称:6842
链接:http://www.nsfocus.net/vulndb/6842