HTTP: Opera Telnet URI Handler File Creation
This signature detects attempts to exploit a known vulnerability against Opera Web Browser. An attacker can invoke telnet with a trace file name as argument by requesting an URI address to opera web browser, which allows the attacker to create malicious files on the victim machine.
Extended Description
A vulnerability has been identified in multiple products from multiple vendors that may allow a remote attacker to create or modify arbitrary files; these issues relate to the processing of URI requests via various protocol handlers including telnet, rlogin, ssh and mailto. The vulnerability presents itself because applications fail to validate URI input; if a '-' character precedes the host name it is possible to pass options to an application that handles the protocol. Successful exploitation of this issue may allow a remote attacker to create or modify arbitrary files, resulting in a denial of service condition in the browser. The attack would occur in the context of the user running the vulnerable browser. This BID is currently under review and will be updated, and possible separated into multiple issues, when more information becomes available.
Affected Products
Microsoft internet_explorer
Short Name
HTTP:STC:OPERA:TELNET-URI
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2004-0473 Creation File Handler Opera Telnet URI bid:10341
Release Date
06/20/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Apple
Kde
Mozilla
Omni_group
Macwarriors
Alexander_clauss_&_icab_company
Opera_software
Microsoft
CVSS Score
2.6