lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 14 Jul 2004 21:15:02 +0300 From: "Ferruh Mavituna" <ferruh@...ituna.com> To: "'Todd Towles'" <toddtowles@...okshires.com>, "'L33tPrincess'" <l33tprincess@...oo.com>, <bugtraq@...urityfocus.com>, <full-disclosure@...ts.netsys.com> Subject: RE: Re: IE Shell URI Download and Execute, POC The fun is MS says we fixed "shell" but it's still active for me. Ferruh.Mavituna http://ferruh.mavituna.com PGPKey : http://ferruh.mavituna.com/PGPKey.asc > -----Original Message----- > From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure- > admin@...ts.netsys.com] On Behalf Of Todd Towles > Sent: Wednesday, July 14, 2004 6:18 PM > To: 'L33tPrincess'; bugtraq@...urityfocus.com; full- > disclosure@...ts.netsys.com > Subject: RE: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC > > Depends on how Microsoft fixed IE. If they did the same thing as the ADODB > patch from last week and just focused on the Shell.Application variant > instead of the code IE problem, then it won't stop this WSH variant by > L33tPrincess. Which I must say is a sweet name. =) > > > > > > -----Original Message----- > From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure- > admin@...ts.netsys.com] On Behalf Of L33tPrincess > Sent: Tuesday, July 13, 2004 9:34 PM > To: bugtraq@...urityfocus.com; full-disclosure@...ts.netsys.com > Subject: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC > > > > Ferruh, > > Is this a new variant (wscript.shell)? Is the vulnerability mitigated by > today's Microsoft patch? > > > > > > > > Hello; > > Code is based on http://www.securityfocus.com/archive/1/367878 (POC by > Jelmer) message. I just added a new feature "download" and then execute > application. Also I use Wscript.Shell in Javascript instead of > Shell.Application. > > ________________________________ > > Do you Yahoo!? > New and Improved Yahoo! Mail > <http://us.rd.yahoo.com/mail_us/taglines/100/*http:/promotions.yahoo.com/n > ew_mail/static/efficiency.html> - 100MB free storage! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists