lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20041228185947.82421.qmail@web61310.mail.yahoo.com>
From: shreddersub7 at yahoo.com (Tim ShredderSub7)
Subject: RE: > hhctrl.ocx is not installed by default in
	all SP1s but is on all SP2. 


Sorry, forgot to mention this. The website (http://www.freewebs.com/shreddersub7/expl-discuss.htm) is updated now. 

I couldn't respond earlier because Microsoft has shutted down my Hotmail account (shreddersub7@...mail.com doesn't work anymore) and therefore I lost all my mails, including the ones from Full Disclosure :-(

Ow well, they can't stop me, just email to shreddersub7_at_yahoo.com ;-)

 

---ORIGINIAL MESSAGE (se_cur_ity_at_hotmail.com)---

> hhctrl.ocx is not installed by default in all SP1s but is on all SP2. 
> Therefore when the exploit page tries to create the object he cannot 
> find it so it tries to install it. On SP2 it exists by default therefore 
> created silently. 


i replied to this because of this statement by the O.P.. 

"Any system running any Microsoft Windows XP edition with Internet Explorer 
6 
or higher, even with SP2 applied." 
this suggests that all XP are affected by default, including sp2. 

cheers, 

m.w 

p.s. I have noticed that the final pre-release of SP2 is much better ( in my 
experience ) 
performance and security wise. ( and it retains raw sockets ). In SP2rc2, 
IE6 popup 
blocker stopped the PoC at default settings. 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20041228/5d379035/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ