Re: Admin.dll (strings ./Admin.dll)

From: TJ Jablonowski (t.jablonowski@mail-2-go.com)
Date: 09/19/01 

Message-ID: <004f01c14098$78e736f0$6401a8c0@star01>
From: "TJ Jablonowski" <t.jablonowski@mail-2-go.com>
To: "Robert D." <xkill@dingoblue.net.au>, "w1re p4ir" <w1rep4ir@disinfo.net>
Subject: Re: Admin.dll (strings ./Admin.dll)
Date: Tue, 18 Sep 2001 19:20:14 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sorry to say only safe versions are ie5.01-sp2, ie5.5-sp2 or ie6.0
ref Microsoft Security Bulletin ms-01-20
ref Knowledge base article Q290108

- ----- Original Message -----
From: "Robert D." <xkill@dingoblue.net.au>
To: "w1re p4ir" <w1rep4ir@disinfo.net>
Cc: <incidents@securityfocus.com>; <vuln-dev@securityfocus.com>
Sent: Tuesday, September 18, 2001 3:51 PM
Subject: Re: Admin.dll (strings ./Admin.dll)

> > Here's where it inserts the javascript to open the evil
> > readme.eml mime Buffer overflow.
>
> I'm I correct assuming this is the same problem discussed in
> MS00-043?
>
> In that case the following configurations are safe:
>
> IE 5.01 SP1 or later
> IE 5.5 or later ( except Windows 2000, sp1 safe?? )
>
>
> --------------------------------------------------------------------
> -------- This list is provided by the SecurityFocus ARIS analyzer
> service.
> For more information on this free incident handling, management
> and tracking system please see: http://aris.securityfocus.com
>

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBO6fWrW+7g8loOAk5EQLxFwCgg42DCLPmhvpsaABkEIHNGFpJiK4AoMQO
gra8+7TRXEdETwrjLH4Ws3GW
=IX9Z
-----END PGP SIGNATURE-----