Date: Wed, 08 Oct 2003 09:39:31 +0200
From: "Philip Wagenaar" <p.wagenaar@...on.nl>
To: <bugtraq@...urityfocus.com>
Subject: Betr.: IE 6 XML Patch Bypass


I tried the proof of concept and indeed it looks like your 'hack' was successful. I have WinXP with all patches from WindowsUpdate and run Sophos AV.

However, you might want to put up a warning that running the proof of concept will change a on your harddisk.

Kind regards,

Philip Wagenaar

AccoN Accountants & Adviseurs
ICT Project Bureau
Postbus 5090
6802 EB Arnhem
The Netherlands

tel. +31 (0)26-3842384
fax. +31 (0)26-3630222
mobile: +31 (0)6-25388935
MSN/E-mail: p.wagenaar@...on.nl
http://www.accon.nl


>>> "Mindwarper *" <mindwarper@...uxmail.org> 07-10-03 16:11 >>>
IE 6 XML Patch Bypass

I have recently been playing around with the xml+windows media player exploit, and it
seems that even with the new Microsoft patch applied, the vulnerability works.
I have tried it on 7 different people, on win2k and xp, and it worked every time.
The 8th person was using DAP (Download Accelerator Plus), so it asked him if he
wanted to download the executable. IE hacks like Dybuk Explorer are not affected by
the vulnerability either.

Here is a proof-of-concept:

http://mindlock.bestweb.net/wmp.htm 

Note: this only works on people who have media player in C:\Program Files\Windows Media Player\ 
and version 9.

I am not 100% sure, but I believe that Microsoft's new patch fixes the 401 bug.
I tried using "HTTP/1.0 401 EVIL EVIL" so this may have been the reason for the patch bypass.

My solution would be to disable the media bar in IE 6. I explained how to do so in wmp.htm.


-----------------------------|
- Mindwarper                 |
- mindwarper@...uxmail.org   |
- http://mindlock.bestweb.net| 
-----------------------------|
