| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 3 Jul 2004 01:28:26 -0000 From: <liudieyu@...rella.name> To: <bugtraq@...urityfocus.com>, <NTBugtraq@...tserv.ntbugtraq.com>, <full-disclosure@...ts.netsys.com> Subject: THE INSIDER VULNERABILITY STILL WORKS AFTER TODAY'S PATCH FROM: Liu Die Yu - http://umbrella.name/ TO : bugtraq@...urityfocus.com, NTBugtraq@...tserv.ntbugtraq.com, full-disclosure@...ts.netsys.com SUBJ: THE INSIDER VULNERABILITY STILL WORKS AFTER TODAY'S PATCH DATE: 2004/07/03 UTC+800 BODY: [background] the latest 0day remote compromise exploit for internet explorer was found being used in the wild. :-) "the-insider" exploit was first noticed by the-insider: http://umbrella.name/iebug.com/display-singlemessage.php?readmsg:fulldisclosure_message-2004060050 and then documented by jelmer: http://umbrella.name/iebug.com/display-singlemessage.php?readmsg:fulldisclosure_message-2004060124 http://62.131.86.111/analysis.htm microsoft just released: Critical Update for Microsoft Data Access Components - Disable ADODB.Stream object from Internet Explorer (KB870669) http://www.microsoft.com/downloads/details.aspx?FamilyID=4D056748-C538-46F6-B7C8-2FBFD0D237E3&DisplayLang=en which kills the old exploit. [FIX FOR THE PATCH] use Shell.Application instead. [service] both "attack service"(finding bugs) and "defense service"(securing systems): http://umbrella.name/ [greetings] malware( http://www.malware.com/ ) who found Shell.Application. [signature] LIUDIEYU liudieyu AT umbrella . name _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists