RE: scary site

From: Jayme Kinneberg (jayme.kinneberg@mynetfutures.com)
Date: 03/09/02 

Date: Sat, 09 Mar 2002 11:07:12 -0800
From: Jayme Kinneberg <jayme.kinneberg@mynetfutures.com>
To: 'Patrick Smallwood' <smalwood@us.ibm.com>, security-basics@security-focus.com

absolutely im still tring to figure out if I could pass a CSCRIPT.EXE
parameter. :)

-----Original Message-----
From: Patrick Smallwood [mailto:smalwood@us.ibm.com]
Sent: Thursday, March 07, 2002 9:32 PM
To: security-basics@security-focus.com
Subject: Re: scary site

So I am mostly an MS Exchange admin, and still learning the basics, (have
learned alot over the past 6 months thanks to this list!)

Could this vulnerability launch cmd as a service or edit the \run reg key?
if so, in what user context? (current user?)
Could it be launched with a command (ie del/format/shutdown)?

Just wondering worse case...sorry for the naive security question

Thank you,
Patrick

                      Martin Klaus
                      <mak@pop.odn.de> To:
<security-basics@security-focus.com>
                                               cc:
                      03/06/2002 11:27 Subject: Re: scary site
                      AM

It doesn't work with IE5.5 under Win NT4.0

regards
Martin

At 12:30 05.03.02 -0500, leon wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>http://www.liquidwd.freeserve.co.uk/
>
>
>Try it with a windows machine and IE with all patches.
>
>Be afraid be very afraid.
>
>FYI this is for all those people who are think that just having a
>firewall is enough.

___________________________________________________________
"Sechzig Milliarden Gigabytes können eine ganze Menge.
Sie putzen sogar Fenster...." (Frederic Pohl)

ODN OnlineDienst Nordbayern GmbH
Rechenzentrum und Besuchsanschrift:
Steinstr. 19
D-90419 Nürnberg
Martin Klaus
Tech Support und Administration
Hotline (nur regional): 0180 3213233
my E-Mail: mak@odn.de my Fax: +49 911 - 93428 00025
Fax allgemein: +49 911 - 933 8 777

http://support.odn.de

Geschäftsführer der Gesellschaft: Bruno Schnell, Stefan Hartmann
Sitz der Gesellschaft: Nürnberg - Registergericht Nürnberg/HR.B 15398
___________________________________________________________

Relevant Pages

  • Re: scary site
    ... >Be afraid be very afraid. ... Rechenzentrum und Besuchsanschrift: ... D-90419 Nürnberg ... Geschäftsführer der Gesellschaft: Bruno Schnell, ...
    (Security-Basics)
  • Re: scary site
    ... >Try it with a windows machine and IE with all patches. ... >Be afraid be very afraid. ... D-90419 Nürnberg ... Geschäftsführer der Gesellschaft: Bruno Schnell, ...
    (Security-Basics)