*** This bug is a security vulnerability ***
You have been subscribed to a public security bug:
After reading an article about how the LRO and RLO unicode characters
could be used to produce deceptive filenames in Vista, a friend of mine
and I tried this on Ubuntu to see if it would work there too.
I used the following command via terminal:
touch S[RLO]iva.exe
where [RLO] is the Right to Left Override character pasted into the terminal.
(Note that some terminals do not allow you to paste this character. At least my
friend's didn't.)
ls'ing the directory shows something akin to S iva.exe. (The space would be the
control character.)
Viewing the directory in nautilus shows the filename as "Sexe.avi".
Quite the tempting filename.
Indeed, everything GUI seems to render the effects of the control
character. At least as far as viewing filename and saving files via
Pidgin's file transfer and such. (The spoofed filename even remains
intact in the field where the filename to save as is defaulted to the
filename that the sender is sending.)
Double-clicking would attempt to open it as an exe.
Obviously only remotely detrimental if you have Wine or something else
that handles exe files. But still, the possibility for exploit using
crafted filenames remains.
Something like [RLO]gpj.[LRO]ShellScript could easily be spoofed and
would render as ShellScript.jpg.
Ubuntu 7.10.
** Affects: nautilus (Ubuntu)
Importance: Undecided
Status: New
** Tags: character control format security
--
Control characters alter filename appearance
https://bugs.launchpad.net/bugs/197804
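The two spoofed names in the report can be reproduced on paper without a terminal or a file manager. The following is an added example (not part of the bug report or of nautilus) that flags Unicode bidi control characters in a filename, prints a display form in which each control is visible, and approximates the on-screen order the report describes. The visual reordering is a simplification of the Unicode Bidirectional Algorithm that only handles explicit override/pop characters (LRO, RLO, PDF) over otherwise left-to-right text; the helper names `find_bidi_controls`, `escape_bidi_controls`, `visual_order` and `analyze_filename` are my own, not an existing API.

```python
"""Detect and explain bidi-override spoofing in filenames (added example).

Assumption: the non-control characters are plain ASCII, so only the explicit
override characters decide the display order. A full UBA implementation also
resolves Arabic/Hebrew letters, digits, and isolates; this does not.
"""
import unicodedata

LRE, RLE, PDF, LRO, RLO = "\u202a", "\u202b", "\u202c", "\u202d", "\u202e"
LRI, RLI, FSI, PDI = "\u2066", "\u2067", "\u2068", "\u2069"
LRM, RLM, ALM = "\u200e", "\u200f", "\u061c"

# Every bidi control a filename should never need.
BIDI_CONTROLS = frozenset({LRE, RLE, PDF, LRO, RLO, LRI, RLI, FSI, PDI, LRM, RLM, ALM})


def find_bidi_controls(name):
    """Return (index, 'U+XXXX NAME') for each bidi control character in name."""
    return [(i, f"U+{ord(c):04X} {unicodedata.name(c)}")
            for i, c in enumerate(name) if c in BIDI_CONTROLS]


def escape_bidi_controls(name):
    """Display form with every bidi control replaced by a visible <U+XXXX> token."""
    return "".join(f"<U+{ord(c):04X}>" if c in BIDI_CONTROLS else c for c in name)


def visual_order(name):
    """Approximate on-screen order for ASCII text containing LRO/RLO/PDF.

    Step 1: assign an embedding level per character. LRO opens the next even
            level, RLO the next odd level, PDF pops back; base level is 0.
    Step 2: UBA rule L2. From the highest level down to the lowest odd level,
            reverse every maximal run of characters at that level or higher.
    """
    chars, levels, stack = [], [], [0]
    for c in name:
        if c == LRO:
            stack.append((stack[-1] + 2) & ~1)   # next even level
        elif c == RLO:
            stack.append((stack[-1] + 1) | 1)    # next odd level
        elif c == PDF:
            if len(stack) > 1:
                stack.pop()
        elif c in BIDI_CONTROLS:
            continue                             # other controls: not displayed (simplification)
        else:
            chars.append(c)
            levels.append(stack[-1])

    if not chars:
        return ""
    lowest_odd = min((lv for lv in levels if lv % 2 == 1), default=None)
    if lowest_odd is None:
        return "".join(chars)                    # only even levels: already left-to-right
    for level in range(max(levels), lowest_odd - 1, -1):
        i = 0
        while i < len(chars):
            if levels[i] < level:
                i += 1
                continue
            j = i
            while j < len(chars) and levels[j] >= level:
                j += 1
            chars[i:j] = chars[i:j][::-1]         # reverse the run, keeping levels aligned
            levels[i:j] = levels[i:j][::-1]
            i = j
    return "".join(chars)


def analyze_filename(name):
    """Summarise what a file manager would show versus what the name really is."""
    controls = find_bidi_controls(name)
    visual = visual_order(name)
    return {
        "logical": name,
        "escaped": escape_bidi_controls(name),
        "visual": visual,
        "controls": controls,
        # Flag if any control is present or the displayed order differs from storage order.
        "suspicious": bool(controls) or visual != name,
    }


if __name__ == "__main__":
    # Constructed samples: the two names from the bug report plus a benign one.
    for sample in ("S\u202eiva.exe", "\u202egpj.\u202dShellScript", "report.pdf"):
        r = analyze_filename(sample)
        print(f"{r['escaped']:40s} shows as {r['visual']:20s} suspicious={r['suspicious']}")
```

Running the block prints `S<U+202E>iva.exe` displaying as `Sexe.avi` and `<U+202E>gpj.<U+202D>ShellScript` displaying as `ShellScript.jpg`, which matches both observations in the report. The defensive choice here is the escaped form: a file manager, download dialog or transfer prompt that shows controls as visible tokens (or simply refuses names containing them) cannot be made to present an `.exe` as an `.avi`.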