Message-ID: <02bd01c3bf49$dd0695e0$1214dd80@corp.emc.com>
From: exibar at thelair.com (Exibar)
Subject: Re: Internet Explorer URL parsing vulnerability
Yes, that's what I meant. httpS is throwing it on SP2 (meant that this
vuln. doesn't work for httpS on SP2) of course I assume that this vuln
works at all on SP2 :-)
Been a long day already... is it Friday yet? :-)
Ex
----- Original Message -----
From: "Rui Pereira" <ruiper@...w.ca>
To: "'Exibar'" <exibar@...lair.com>
Cc: <full-disclosure@...ts.netsys.com>
Sent: Wednesday, December 10, 2003 1:00 PM
Subject: RE: [Full-Disclosure] Re: Internet Explorer URL parsing
vulnerability
> I am also on SP2...you are SP1
>
> R
>
> -----Original Message-----
> From: Exibar [mailto:exibar@...lair.com]
> Sent: December 10, 2003 9:52 AM
> To: Rui Pereira
> Cc: full-disclosure@...ts.netsys.com
> Subject: Re: [Full-Disclosure] Re: Internet Explorer URL parsing
> vulnerability
>
> Works as advertised on IE6.0.2800.1106.xpsp1.... interesting, must be the
> httpS that's throwing it..
>
> ----- Original Message -----
> From: "Rui Pereira" <ruiper@...w.ca>
> To: "'Exibar'" <exibar@...lair.com>
> Cc: <full-disclosure@...ts.netsys.com>
> Sent: Wednesday, December 10, 2003 12:13 PM
> Subject: RE: [Full-Disclosure] Re: Internet Explorer URL parsing
> vulnerability
>
>
> > Er, on IE6.0.2800.1106.xpsp2....this shows up as
> > https://www.let_me_steal_your_money.com/ in the address line. Guess it
> > don't work as advertised. Maybe we should all upgrade? ;)
> >
> > R
> >
> > -----Original Message-----
> > From: full-disclosure-admin@...ts.netsys.com
> > [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Exibar
> > Sent: December 10, 2003 7:55 AM
> > To: Feher Tamas; full-disclosure@...ts.netsys.com
> > Subject: Re: [Full-Disclosure] Re: Internet Explorer URL parsing
> > vulnerability
> >
> > I can see many people getting duped with this:
> >
> > https://www.paypal.com%01@....let_me_steal_your_money.com
> >
> > so I completely know where you're coming from.
> >
> > exibar
> >
> >
> > ----- Original Message -----
> > From: "Feher Tamas" <etomcat@...email.hu>
> > To: <full-disclosure@...ts.netsys.com>
> > Sent: Wednesday, December 10, 2003 3:23 AM
> > Subject: [Full-Disclosure] Re: Internet Explorer URL parsing
> > vulnerability
> >
> >
> > > >Proof-of-Concept here:
> > > >http://www.zapthedingbat.com/security/ex01/vun1.htm
> > > >
> > > >Vendor Notified 09 December, 2003
> > >
> > > > Unless the bug has already been exploited by malicious people, it was
> > > > a highly irresponsible act to disclose it to the public, without giving
> > > > Microsoft a reasonable timeframe to produce a fix. It may even qualify
> > > > as a crime!
> > >
> > > > Considering the simplicity of this URL faking trick, it will certainly
> > > > see active use by scammers during this Christmas shopping season and
> > > > thousands of people will be robbed of their online banking accounts,
> > > > etc. The money will boost organized crime and the whole society will
> > > > suffer. A patch would give customers at least a theoretical chance to
> > > > protect themselves and the community.
> > >
> > > > I certainly would not object to ZapDingbat getting sued for a few billion
> > > > bucks by M$ or the US Gov't sending him to a long recreation at
> > > > Guantanamo Bay. People like him discredit security research like
> > > > nothing else and his acts contribute towards legislation that will curb
> > > > people's right to investigate code.
> > >
> > > Regards: Tamas Feher.
> > >
> > >
> > > _______________________________________________
> > > Full-Disclosure - We believe in it.
> > > Charter: http://lists.netsys.com/full-disclosure-charter.html
> > >
> > >
> >