Thank you for taking the time to report this bug and helping to make Ubuntu better. The issue you are reporting is an upstream one and it would be nice if somebody having it could send the bug to the developers of the software by following the instructions at https://wiki.ubuntu.com/Bugs/Upstream/GNOME. If you have done so, please tell us the number of the upstream bug (or the link), so we can add a bugwatch that will inform us about its status. Thanks in advance.
** Changed in: nautilus (Ubuntu)
   Importance: Undecided => High

--
You received this bug notification because you are a member of Desktop Packages, which is subscribed to nautilus in Ubuntu.
https://bugs.launchpad.net/bugs/1236983

Title:
  Possible security exploit using special characters to manipulate displayed filename.

Status in “nautilus” package in Ubuntu:
  New

Bug description:
  Use of special characters can be used to manipulate a filename extension in Nautilus. We received a piece of malware with a filename that appears differently with Nautilus than on the command line using ls.

  With Nautilus we see:

    NO.00123Order# POrcs.pdf

  With ls in bash we see:

    NO.00123Order# POfdp.scr

  Using od the special characters are revealed as:

    ronp@ron:~/Desktop/virus$ ls *scr | od -c
    0000000   N   O   .   0   0   1   2   3   O   r   d   e   r   #       P
    0000020   O 342 200 256   f   d   p   .   s   c   r  \n
    0000034

  Before extraction from the archive, the file appears with question marks as follows:

    NO.00123Order# PO???fdp.scr

  Perhaps this would be a more secure way to display the file in Nautilus, revealing the true nature of the file: scr instead of pdf.

  This occurred with Nautilus 3.4.2 on Ubuntu 12.10 and Nautilus 3.6.3 on Ubuntu 13.04.

  We note this type of exploit has been used before:
  https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/23000/PD23930/en_US/McAfee_Labs_Threat_Advisory_XDocCrypt.pdf
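
Added example, not part of the original bug report and not Nautilus code: a Python check that flags bidirectional control characters in a filename and renders them visibly, in the spirit of the reporter's suggestion. The function names are hypothetical; the sample bytes are the ones shown in the od output of the report (octal 342 200 256 is the UTF-8 encoding of U+202E, RIGHT-TO-LEFT OVERRIDE).

```python
import os
import unicodedata

# Bidirectional formatting characters that can reorder displayed text:
# embeddings, overrides, isolates, their terminators, and directional marks.
BIDI_CONTROLS = {
    "\u202a", "\u202b", "\u202c", "\u202d", "\u202e",
    "\u2066", "\u2067", "\u2068", "\u2069",
    "\u200e", "\u200f", "\u061c",
}

# Unicode categories that have no visible glyph of their own:
# Cc = control, Cf = format, Cs = surrogate (undecodable bytes, see below).
HIDDEN_CATEGORIES = ("Cc", "Cf", "Cs")


def visible_name(name: str) -> str:
    """Replace every invisible character with an explicit <U+XXXX> marker."""
    out = []
    for ch in name:
        if ch in BIDI_CONTROLS or unicodedata.category(ch) in HIDDEN_CATEGORIES:
            out.append(f"<U+{ord(ch):04X}>")
        else:
            out.append(ch)
    return "".join(out)


def inspect_filename(raw: bytes) -> dict:
    """Decode an on-disk filename and report what the user should be shown."""
    # surrogateescape keeps undecodable bytes instead of raising.
    name = raw.decode("utf-8", errors="surrogateescape")
    found = [f"U+{ord(c):04X}" for c in name if c in BIDI_CONTROLS]
    return {
        "suspicious": bool(found),
        "bidi_controls": found,
        # Extension in logical (stored) order, which is what the OS acts on.
        "logical_extension": os.path.splitext(name)[1],
        "display": visible_name(name),
    }


# Sample input: the filename bytes from the od -c output in the report.
SAMPLE = b"NO.00123Order# PO\xe2\x80\xaefdp.scr"

if __name__ == "__main__":
    for key, value in inspect_filename(SAMPLE).items():
        print(f"{key}: {value}")
```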

