mailing list archives
Re: Win2k Telnet.exe malicious server vulnerability
From: Micah Webner <micah () SYSTIME COM>
Date: Thu, 14 Sep 2000 10:34:30 -0400
----- Original Message -----
From: "monti" <monti () USHOST COM>
To: <BUGTRAQ () SECURITYFOCUS COM>
Sent: Wednesday, September 13, 2000 4:13 PM
Subject: Win2k Telnet.exe malicious server vulnerability
I would speculate that it might also be possible to force this to
creative HTLM. I try really hard not to do HTLM/web-code anymore
it's really necessary so I didnt test this.
I tested this with IE5.5 and a simple http refresh, and it opened a
Didn't even need jscript/ActiveX/java to pull it off.