Home page logo
/

bugtraq logo Bugtraq mailing list archives

RE: MSIE 5.5/6 Q312461 patch disclose patch information
From: "SCG - Network Administrator" <admin () scg gliwice pl>
Date: Tue, 20 Nov 2001 08:01:40 +0100

  IE 6:
    Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Q312461)
  IE 5.5 SP2:
    Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0; T312461)

  You can find vulnerable IE 5.5/6 very easily...

I can confirm that also with:

         Windows NT4 SP6a + Q299444i + IE 5.5 SP2 (and 6.0) + Q312461 - all polish
         Windows 2000 SP2 + IE 6.0 +312461 - all polish

This could be used to do a selective, web-based attack against IE, but can
be also hidden very easily.
You can modify the UserAgent setting via registry or a web-proxy (like
squid).

I wouldn't see it as a big security threat.
Would you?

--
Lukasz 'ptashek' Szmit


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault