Several Things about IE bugs
From: Liu Die Yu (liudieyuinchina_at_yahoo.com.cn)
Date: 12/13/03
- Previous message: Todd Chapman: "Advisory: Dark Age of Camelot - Weak encryption of network traffic exposed personal information."
- Next in thread: http-equiv_at_excite.com: "Re: Several Things about IE bugs"
- Maybe reply: http-equiv_at_excite.com: "Re: Several Things about IE bugs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 13 Dec 2003 12:20:40 -0000 To: bugtraq@securityfocus.com('binary' encoding is not supported, stored as-is)
Several Things about IE bugs:
1st, i coded a stable demo of 1stCleanRc:
http://www.safecenter.net/UMBRELLAWEBV4/1stCleanRc/1stCleanRc-Xp/index.html
some anti-Virus firewall tools may detect this exploit as a virus, but most of these tools will fail if the exploit *files* are changed.(malware also suggested this. :-) )
(
more information about this remote compromise is available at:
http://www.safecenter.net/UMBRELLAWEBV4/1stCleanRc/index.html
)
second, the list of unpatched IE bugs is moved to:
http://continue.to/trie
OR
http://die.leox.com/DirSvc/security/trie/index.html?
the latest site-spoofing bug ( http://www.securityfocus.com/archive/1/346948 ) was also added there.
the list should be up-to-date, but i could not update my website SAFECENTER.NET/UMBRELLAWEBV4 hosted by BRINKSTER.COM - both web management interface and ftp5.brinkster.com server are unreachable, even thru anonymous proxies.
(thanks to
http://www.leox.com
for providing this host.)
third, about the bug at:
http://www.safecenter.net/UMBRELLAWEBV4/threadid10008/threadid10008-Content.htm
again, it doesn't work on all windowz systems, as i already stated at:
http://www.safecenter.net/UMBRELLAWEBV4/threadid10008/threadid10008-Note.htm
long ago.
but it did work on the Pull's WIN2K, dror's WINXP, codedreamers' WINXP and my WINXP - all up-to-date.
this bug was also found by Codedreamers of
http://codewebs.com
independently, but i think i got it before he. :-)
the demo of this vulnerability is at:
http://www.safecenter.net/UMBRELLAWEBV4/threadid10008/threadid10008-Demo/default.asp
if a download prompt pops up, the exploit fails; if a new IE window pops up, the exploit works.
4th, i collected several interesting notes, mostly about pivx and ms:
http://www.securityfocus.com/archive/1/343544
"Believe me, I am all in for full disclosure and [...]"
http://www.pivx.com/larholm/unpatched/
"PivX is continually updating the Unpatched page, albeit internally."
(
"albeit" =
-----------
Etymology: Middle English, literally, all though it be
Date: 14th century
: conceding the fact that : even though
-----------
from:
http://www.m-w.com/cgi-bin/dictionary?book=Dictionary&va=albeit
)
http://www.pivx.com/larholm/unpatched/
"Given Microsoft’s recent positive actions together with[...]"
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/default.asp
"Currently, Microsoft has no security bulletins to release as part of the monthly release cycle for the month of December"
http://die.leox.com/ie_unpatched/
"List the Unpatched IE Vulnerabilities
(Content: Key point , essential code and its related comment)
There are currently 20 items. "
http://www.pivx.com/larholm/unpatched/
"This was done in both a spirit of cooperation and for the good of the Internet as a whole. "
("This" means "we have suspended our ‘Unpatched’ page")
http://www.pivx.com/clients.html
"Partial Client List GMAC, BOEING, Microsoft, University of California, [...]"
(i got this from jelmer at:
http://lists.netsys.com/pipermail/full-disclosure/2003-December/014746.html
;-) )
at last, linux is cool. ;-) but windows is more exciting. :-P i use both.
END CALL
- Previous message: Todd Chapman: "Advisory: Dark Age of Camelot - Weak encryption of network traffic exposed personal information."
- Next in thread: http-equiv_at_excite.com: "Re: Several Things about IE bugs"
- Maybe reply: http-equiv_at_excite.com: "Re: Several Things about IE bugs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
