Fortinet Discovers Akamai Download Manager Arbitrary File Download Vulnerability
Fortinet's FortiGuard Labs has discovered an arbitrary file download vulnerability in Akamai Download Manager.
Solutions
FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Apr 21, 2008
Users should use the solution provided by Akamai.
The vulnerability exists in the Akamai Download Manager ActiveX control when parsing a parameter that is passed to it. A remote attacker could craft a malicious Web page to exploit the control, which would result in a file being downloaded to an arbitrary location on a user's system when the user visits the site. An attacker who successfully exploits this vulnerability can then run arbitrary code on the user's system. For example, a malicious file could be downloaded to a user's "startup" folder, where it would then execute on system boot-up. The arbitrary location must be a valid path, or the file will not download. When a valid path is used, the file is downloaded in a "drive-by" manner without any user interaction required.
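The root cause described above is a download component that writes to whatever destination a web page hands it. The defensive pattern is to never accept a destination path from untrusted input at all: accept only a bare file name, and confine every write to one fixed directory, verifying after normalisation that the result still lies under that directory. The following is an added illustration of that check, not code from Akamai, Fortinet or the affected control; the directory `DOWNLOAD_ROOT`, the function names and the sample parameter values are all constructed for this example.

```python
"""Confining a downloader's destination to a fixed directory.

Added example (not Akamai's or Fortinet's code). The advisory describes a
control that writes a downloaded file to a page-supplied location. The fix
pattern here takes only a file name from the caller, never a path, and
verifies that the final destination cannot leave DOWNLOAD_ROOT.
"""
import os
import re

# Constructed: the only directory the downloader may write into.
DOWNLOAD_ROOT = "/var/tmp/downloads"

# Constructed allow-list for file names: a single path component with no
# separators, no drive letters, no leading dot (which also rules out "." / "..").
_SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$")


class UnsafeDestination(ValueError):
    """Raised when a requested destination would fall outside DOWNLOAD_ROOT."""


def safe_destination(requested_name: str, root: str = DOWNLOAD_ROOT) -> str:
    """Return the absolute path at which a file with this name may be written.

    Two independent checks are applied, so a failure of one does not expose
    the filesystem:
      1. the name must match the allow-list (no '/', '\\', ':', '..', etc.);
      2. after joining to ``root`` and resolving symlinks, the candidate must
         still share ``root`` as its common prefix.
    """
    if not isinstance(requested_name, str) or not _SAFE_NAME.match(requested_name):
        raise UnsafeDestination(f"rejected file name: {requested_name!r}")
    if requested_name.endswith("."):
        # Trailing dots are silently stripped on Windows; refuse the ambiguity.
        raise UnsafeDestination(f"rejected file name: {requested_name!r}")

    root_abs = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root_abs, requested_name))
    if os.path.commonpath([root_abs, candidate]) != root_abs:
        raise UnsafeDestination(f"escapes download root: {requested_name!r}")
    return candidate


# Constructed sample values of the kind a page might pass as the "destination"
# parameter. Only a plain file name should be accepted.
SAMPLE_PARAMETERS = [
    "report.pdf",
    "update-1.2.3.zip",
    "../../etc/cron.d/job",
    "..\\..\\Startup\\update.exe",
    "C:\\Users\\Public\\update.exe",
    "/tmp/update.sh",
    "",
    "..",
]


def classify(values):
    """Map each requested destination to 'allowed' or 'rejected'."""
    results = {}
    for value in values:
        try:
            safe_destination(value)
            results[value] = "allowed"
        except UnsafeDestination:
            results[value] = "rejected"
    return results


if __name__ == "__main__":
    for name, verdict in classify(SAMPLE_PARAMETERS).items():
        print(f"{verdict:8} {name!r}")
```

The allow-list check alone already blocks every traversal and absolute-path form in the sample list; the `commonpath` check is kept as a second layer so that a future relaxation of the regular expression (for example to permit subdirectories) still cannot write outside the root.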
Haifei Li of Fortinet's FortiGuard Global Security Research Team