lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20030913031539.76565.qmail@web11005.mail.yahoo.com>
Date: Fri, 12 Sep 2003 20:15:39 -0700 (PDT)
From: S G Masood <sgmasood@...oo.com>
To: bugtraq@...urityfocus.com
Subject: Re: Internet explorer 6 on windows XP allows exection of arbitrary code (Demonstration Exploit Warning)


Hi,

Jelmer probably forgot to mention this about the
demonstration exploit[1] in his advisory[2]: Back up
"C:\Program Files\Windows Media Player\wmplayer.exe"
before using the exploit as the exploit replaces the
original wmplayer.exe(main WMP executable) with the
dropped file(also named wmplayer.exe). After
exploitation, the dropped wmplayer.exe can be deleted
and the backed-up, original version replaced.

If this is not done, the existing installation of
Windows Media Player will be damaged and will have to
be reinstalled. And, ofcourse, since the exploit
depends on replacing the WMP executable, it will not
work if Media Player is running. Test the exploit
while Media Player is not running.

Tested here successfully with Win2kSP0 IE6 WMP9.


[1]Exploit ->
http://ip3e83566f.speed.planet.nl/hacked-by-chinese/5.htm
[2]http://www.securityfocus.com/archive/1/337285


--
Regards,
S.G.Masood
Hyderabad,
India.



--
`You don't believe in me,' observed the Ghost.`Why do
you doubt your senses?'
`Because,' said Scrooge, `a little thing affects them.
A slight disorder of the stomach makes them cheats.
You may be an undigested bit of beef, a blot of
mustard, a crumb of cheese, a fragment of an underdone
potato. There's more of gravy than of grave about you,
whatever you are!'

-Charles Dickens in `A Christmas Carol'
--




__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ