| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: sgmasood at yahoo.com (S G Masood) Subject: Re: Internet explorer 6 on windows XP allows exection of arbitrary code (Demonstration Exploit Warning) Hi, Jelmer probably forgot to mention this about the demonstration exploit[1] in his advisory[2]: Back up "C:\Program Files\Windows Media Player\wmplayer.exe" before using the exploit as the exploit replaces the original wmplayer.exe(main WMP executable) with the dropped file(also named wmplayer.exe). After exploitation, the dropped wmplayer.exe can be deleted and the backed-up, original version replaced. If this is not done, the existing installation of Windows Media Player will be damaged and will have to be reinstalled. And, ofcourse, since the exploit depends on replacing the WMP executable, it will not work if Media Player is running. Test the exploit while Media Player is not running. Tested here successfully with Win2kSP0 IE6 WMP9. [1]Exploit -> http://ip3e83566f.speed.planet.nl/hacked-by-chinese/5.htm [2]http://www.securityfocus.com/archive/1/337285 -- Regards, S.G.Masood Hyderabad, India. -- `You don't believe in me,' observed the Ghost.`Why do you doubt your senses?' `Because,' said Scrooge, `a little thing affects them. A slight disorder of the stomach makes them cheats. You may be an undigested bit of beef, a blot of mustard, a crumb of cheese, a fragment of an underdone potato. There's more of gravy than of grave about you, whatever you are!' -Charles Dickens in `A Christmas Carol' -- __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
Powered by blists - more mailing lists