Signature Detail
Short Name |
HTTP:STC:TELNET-URL-OPTS |
|---|---|
Severity |
Medium |
Recommended |
No |
Category |
HTTP |
Keywords |
HTML URL TELNET Command Line Options File Clobber |
Release Date |
2004/05/19 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: HTML URL TELNET Command Line Options File Clobber
This signature detects TELNET URLs in HTML documents that contain debug or tracefile options. Attackers can entice victims to click on a TELNET URL on a Web page, causing arbitrary files to be overwritten on the victim's computer.
Extended Description
It has been reported that KDE is prone to multiple input validation vulnerabilities in various URI handlers. The issues are reported to exist due to insufficient sanitization of user-supplied input by the telnet, rlogin, ssh and mailto URI handlers. Specifically, if a '-' character is present at the beginning of a host name, options may be passed to the programs to carry out an attack.
Affected Products
- Conectiva Linux 8.0.0
- Conectiva Linux 9.0.0
- KDE 1.1.0
- KDE 1.1.1
- KDE 1.1.2
- KDE 1.2.0
- KDE 2.0.0
- KDE 2.0.0 BETA
- KDE 2.0.1
- KDE 2.1.0
- KDE 2.1.1
- KDE 2.1.2
- KDE 2.2.0
- KDE 2.2.1
- KDE 2.2.2
- KDE 3.0.0
- KDE 3.0.1
- KDE 3.0.2
- KDE 3.0.3
- KDE 3.0.3 A
- KDE 3.0.4
- KDE 3.0.5
- KDE 3.0.5 A
- KDE 3.0.5 B
- KDE 3.1.0
- KDE 3.1.1
- KDE 3.1.1 A
- KDE 3.1.2
- KDE 3.1.3
- KDE 3.1.4
- KDE 3.1.5
- KDE 3.2.2
- Red Hat Fedora Core1
References
- BugTraq: 10358
- CVE: CVE-2004-0411