Home page logo

bugtraq logo Bugtraq mailing list archives

For those who installed Decon fix for con/con vulnerability
From: Tima () AU RU (Tima)
Date: Thu, 16 Mar 2000 19:08:21 +0300

If you had con problem and installed Decon fix, you are now vulnerable
to another win 95(possibly)/98(tested) crash which is worse than the previous.

Software affected : All versions of Microsoft Internet Explorer (It
doesn't work in Netscape Navigator)

Actual problem :
Type existing server in address box, and then request for nonexistent file
with name >300 symbols. After server sends reply to the browser
your system stops responding at all, Control+Alt+Del work but you
won't see the box with tasks running so only thing you can do is
Somebody can deface some good website and create a redirect
with 0 seconds waiting to such link.

Example: http://www.amsouth.com/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

Fix: Delete Decon fix from startup folder :) Now you are vulnerable
to con/con.

Hello to Cre () tor

Speedo                          mailto:Tima () au ru

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]