lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <200407101642.i6AGg3Oe016346@web180.megawebservers.com>
From: 1 at malware.com (http-equiv@...ite.com)
Subject: What about M$ in the shell: race


<!-- 

Every bit of real testing I've seen shows this is not a real 
vulnerability in IE. 

 -->

surely you jest.

It is the Key to the Kingdom. To quote the original finder, way 
back in June of 2003:

"allows remote attacker to traverse "Shell Folders" directories. 
A remote attacker is able to gain access to the path of the %
USERPROFILE% folder without guessing a target user name by this 
vulnerability."

shell:desktop

"C:\Documents and Settings\%USERNAME%\Desktop"

Perhaps you missed these "real" tests:

http://poc.homedns.org/execute.htm
http://62.131.86.111/security/idiots/malware2k/installer.htm


or maybe you didn't.


-- 
http://www.malware.com




Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ