CVE-2006-2312
CVSS2.6
发布时间 :2006-05-19 17:02:00
修订时间 :2011-03-17 00:00:00
NMCOS    

[原文]Argument injection vulnerability in the URI handler in Skype 2.0.*.104 and 2.5.*.0 through 2.5.*.78 for Windows allows remote authorized attackers to download arbitrary files via a URL that contains certain command-line switches.


[CNNVD]Skype URI处理 参数注入漏洞(CNNVD-200605-342)

        Skype是一款流行的P2P VoIP软件,可提供高质量的语音通讯服务。
        Skype没有正确解析URL处理器所传送的参数。如果用户受骗访问了特制的Skype URL的话,就会将单个命名文件从一个Skype用户传送给另一个。

- CVSS (基础分值)

CVSS分值: 2.6 [轻微(LOW)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: HIGH [漏洞利用存在特定的访问条件]
攻击向量: NETWORK [攻击者不需要获取内网访问权或本地访问权]
身份认证: NONE [漏洞利用无需身份认证]

- CWE (弱点类目)

CWE-94 [对生成代码的控制不恰当(代码注入)]

- CPE (受影响的平台与产品)

cpe:/a:skype_technologies:skype:1.0.0.9
cpe:/a:skype_technologies:skype:1.0.0.100
cpe:/a:skype_technologies:skype:1.0.0.29
cpe:/a:skype_technologies:skype:1.0.0.97
cpe:/a:skype_technologies:skype:2.0
cpe:/a:skype_technologies:skype:0.98.0.04
cpe:/a:skype_technologies:skype:2.0.104
cpe:/a:skype_technologies:skype:2.5.78
cpe:/a:skype_technologies:skype:2.5
cpe:/a:skype_technologies:skype:1.1.0.0
cpe:/a:skype_technologies:skype:1.0.0.10
cpe:/a:skype_technologies:skype:1.0.0.18
cpe:/a:skype_technologies:skype:1.0.0.94
cpe:/a:skype_technologies:skype:1.4.0.83

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2312
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2312
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200605-342
(官方数据源) CNNVD

- 其它链接及资源

http://www.kb.cert.org/vuls/id/466428
(UNKNOWN)  CERT-VN  VU#466428
http://xforce.iss.net/xforce/xfdb/26557
(UNKNOWN)  XF  skype-uri-handler-file-access(26557)
http://www.vupen.com/english/advisories/2006/1871
(VENDOR_ADVISORY)  VUPEN  ADV-2006-1871
http://www.skype.com/security/skype-sb-2006-001.html
(UNKNOWN)  CONFIRM  http://www.skype.com/security/skype-sb-2006-001.html
http://www.securityfocus.com/bid/18038
(UNKNOWN)  BID  18038
http://www.securityfocus.com/archive/1/archive/1/434707/30/4860/threaded
(UNKNOWN)  BUGTRAQ  20060521 Skype - URI Handler Command Switch Parsing
http://www.osvdb.org/25658
(UNKNOWN)  OSVDB  25658
http://secunia.com/advisories/20154
(VENDOR_ADVISORY)  SECUNIA  20154
http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0549.html
(UNKNOWN)  FULLDISC  20060521 Skype - URI Handler Command Switch Parsing

- 漏洞信息

Skype URI处理 参数注入漏洞
低危 输入验证
2006-05-19 00:00:00 2007-08-13 00:00:00
远程  
        Skype是一款流行的P2P VoIP软件,可提供高质量的语音通讯服务。
        Skype没有正确解析URL处理器所传送的参数。如果用户受骗访问了特制的Skype URL的话,就会将单个命名文件从一个Skype用户传送给另一个。

- 公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
        x86平台, Microsoft Windows 2000或Microsoft Windows XP:
        http://www.skype.com/products/skype/windows/
        x86平台, Linux:
        http://www.skype.com/products/skype/linux/
        PPC平台, Mac OS X v10.3 (Panther)之后版本:
        http://www.skype.com/products/skype/macosx/
        Pocket PC平台, Microsoft Windows Mobile 2003:
        ttp://www.skype.com/products/skype/pocketpc/

- 漏洞信息

25658
Skype URL Handling Arbitrary File Disclosure
Remote / Network Access Information Disclosure
Loss of Confidentiality Upgrade
Exploit Unknown Vendor Verified

- 漏洞描述

Skype contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a malicious user sends a crafted URL to a targeted user who follows the link, which will transfer a single arbitrary file resulting in a loss of confidentiality.

- 时间线

2006-05-19 Unknow
Unknow Unknow

- 解决方案

Upgrade to version 2.0.0.105 or 2.5.0.79 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- 相关参考

- 漏洞作者

- 漏洞信息

Skype Technologies Skype URI Handling Remote File Download Vulnerability
Input Validation Error 18038
Yes No
2006-05-19 12:00:00 2006-05-23 07:38:00
The vendor credits Brett Moore of Security-Assessment.com Ltd for discovering this issue.

- 受影响的程序版本

Skype Technologies Skype 2.5 .78
Skype Technologies Skype 2.0 .104
Skype Technologies Skype 1.4 .0.83
Skype Technologies Skype 1.1 .0.0
Skype Technologies Skype 1.0 .0.97
Skype Technologies Skype 1.0 .0.94
Skype Technologies Skype 1.0 .0.9
Skype Technologies Skype 1.0 .0.29
Skype Technologies Skype 1.0 .0.18
Skype Technologies Skype 1.0 .0.100
Skype Technologies Skype 1.0 .0.10
Skype Technologies Skype 2.5
Skype Technologies Skype 2.0
Skype Technologies Skype 0.98.0.04
Skype Technologies Skype
Skype Technologies Skype 2.5 .79
Skype Technologies Skype 2.0 .105

- 不受影响的程序版本

Skype Technologies Skype 2.5 .79
Skype Technologies Skype 2.0 .105

- 漏洞讨论

Skype is prone to an arbitrary file-download vulnerability. This issue is due to improper Skype URI handling.

This issue allows remote attackers to transfer files from one Skype user to another, provided the recipient user has previously approved downloads.

By exploiting this issue, attackers may retrieve an arbitrary file from the victim user's computer.

The following versions of Skype for Windows are vulnerable to this issue:

- prior to 2.0.*.104
- 2.5.*.0 through 2.5.*.78.

- 漏洞利用

Attackers likely use the Skype application and/or a web browser to exploit this issue.

- 解决方案

The vendor has released an advisory along with fixes to address this issue. Please see the referenced advisory for further information.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站