Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part III
From: Art Manion <amanion () cert org>
Date: Fri, 07 Nov 2003 12:22:14 -0500
--On Thursday, November 06, 2003 2:02 AM -0700 Kurt Seifried
<kurt () seifried org> wrote:


In our never-ending quest for entertainment, we commece from
this date forward to end-2004 our POS series of findings. That
is the 'perfect operating system'. Today we debut and regurgitate
new and not so new for fun as follows. A warm up for the New Year if
you will !:


This is easy to avoid. Just set the kill bit for the affected Active
component, Adodb.Stream for which the CLSID is
4B106874-DD36-11D0-8B44-00A024DD9EFF.


{4B106874-DD36-11D0-8B44-00A024DD9EFF} is the Local Troubleshooter control.

The ADODB.Stream control, an important part of several current IE exploits,
is {00000566-0000-0010-8000-00AA006D2EA4}.

MS KB article about the kill bit:

  <http://support.microsoft.com/support/kb/articles/q240/7/97.asp>

Disable Active scripting for untrusted sites.


  - Art

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]