lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <445473027.20031110183520@SECURITY.NNOV.RU>
Date: Mon, 10 Nov 2003 18:35:20 +0300
From: 3APA3A <3APA3A@...URITY.NNOV.RU>
To: Liu Die Yu <liudieyuinchina@...oo.com.cn>
Cc: bugtraq@...urityfocus.com
Subject: Re: IE: double slash moves cache from INTERNET zone to MYCOMPUTER zone


Dear Liu Die Yu,

In  my  case  (XPSP1  + IE6SP1 + all hotfixes) it doesn't work. Probably
it's older bug (same thing was with \\.\Drive:\)

--Wednesday, November 5, 2003, 1:31:53 PM, you wrote to bugtraq@...urityfocus.com:



LDY> double slash moves cache from INTERNET zone to MYCOMPUTER zone
LDY> ("that's all" is the end of file if you are in a hurry)

LDY> [tested]
LDY> OS:WinXp
LDY> Microsoft Internet Explorer v6.Sp1; up-to-date on 2003/10/30

LDY> [technical detail]
LDY> copy an EXE file to your cache directory:
LDY> [SysDrive]:\Documents and Settings\[user_name]\Local Settings\Temporary Internet Files\Content.IE5\EXE.EXE
LDY> then try to use CODEBASE trick to execute that file (refer to http://continue.to/trie --> "codebase local path"), you'll get an error message.
LDY> however set CODEBASE to:
LDY> [SysDrive]:\\Documents and Settings\[user_name]\Local Settings\Temporary Internet Files\Content.IE5\EXE.EXE
LDY> (double slash after [SysDrive])
LDY> EXE.EXE in cache directory will be executed.

LDY> conclusion:
LDY> [SysDrive]:\Documents and Settings\[user_name]\Local Settings\Temporary Internet Files\Content.IE5\
LDY> is treated in INTERNET zone.
LDY> but
LDY> [SysDrive]:\\Documents and Settings\[user_name]\Local Settings\Temporary Internet Files\Content.IE5\
LDY> is treated in MYCOMPUTER zone.

LDY> that's all.

LDY> of course, it's added to "Unpatched IE Bugs" list maintained by me. here: http://continue.to/trie



LDY> [greeting]
LDY> greetings to:
LDY> the Pull, dror, guninski and mkill.

LDY> -----
LDY> all mentioned resources can always be found at UMBRELLA.MX.TC

LDY> [contact]
LDY> UMBRELLA.MX.TC ==> How to contact "Liu Die Yu"


-- 
~/ZARAZA
Пока вы во власти провидения, вам не удастся умереть раньше срока. (Твен)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ