Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

ms activex setup ctl exploit.
From: muks () HD2 VSNL NET IN (Mukund)
Date: Wed, 1 Mar 2000 21:13:47 +0530

hi. this is my first posting to bugtraq.
a complete description of the microsoft active setup control's
unsigned cab file execution vulnerability and exploit is published
on securityfocus. you may want to check this out.
this is a sad vulnerability. one can actually transfer an EXE file
to the other side and get it executed without the user's knowledge.

http://www.securityfocus.com/data/vulnerabilities/exploits/775.html

an alternate address is:

http://www.crosswinds.net/~muks/

SHORT MESSAGE: if you use outlook express,
download the patches for the above off microsoft's
site and install them. or turn off all activex controls in your
security settings of outlook express. better yet, change your
mail client.

this exploit is published at

http://www.securityfocus.com/bid/775/

cheers!
mukund

  By Date           By Thread  

Current thread:
  • ms activex setup ctl exploit. Mukund (Mar 01)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]