Home page logo

bugtraq logo Bugtraq mailing list archives

Re: iDefense Security Advisory 10.09.07: Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Wed, 10 Oct 2007 21:15:57 +1300

iDefense Labs wrote:


Deleting the all sub-keys of the following registry keys will remove the
'news' and 'snews' protocol handlers:


If you want to do a thorough job of such mitigation as a Q&D fix, you 
may also need to nuke the 



I can't easily test the viability of exploiting this via an nntp:// URI 
just now, but "nntp" is normally registered (at least with OE -- can 
someone check for Windows Mail?) with exactly the same sub-keys and 
values as the "news" and "snews" URI handlers...


Nick FitzGerald

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]