lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
From: ACastigliola at (Castigliola, Angelo)
Subject: RE: new internet explorer exploit  (was new worm)

>The known ingredient it uses is : 
>that has gone unpatched for over 5 months now

XP service pack 2 Release candidate 1 patches this exploit.

Angelo Castigliola III
Operations Technical Analyst I
UnumProvident IT Services

-----Original Message-----
From: Jelmer [] 
Sent: Monday, March 29, 2004 9:36 AM
Subject: new internet explorer exploit (was new worm)

The code used by this worm to exploit it's users at least partly  is (i
think) new , the vulnerability it abused has afaik not been published on
eighter bugtraq or full-disclosure. possibly making it (one of?) the
worm to totally catch people offguard.

It allows a mallicious person to take any action on an unsuspecting user
view's a specially prepared page's pc

The known ingredient it uses is :
that has gone unpatched for over 5 months now

The remainder of the exploit manages to confuse this same
object enough to make it think it's being run from a local location

You can protect yourself against it by running

I attached sample code myself to illustrate the problem, because
http-equiv's was messy :)
This one should be more straightforward to use

Instructions :

1. unzip
2. overwrite exploit.exe with the executable you wish to run, or leave
untoched if you want to see some nice texturemapped rotation
3. upload the files to a webserver
4. view exploit.htm

Tested on winxp pro all patches

for the lazy ones among you can also view a demonstration here :
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3742 bytes
Desc: not available
Url :

Powered by blists - more mailing lists