Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE: > hhctrl.ocx is not installed by default in all SP1s but is on all SP2.
From: Tim ShredderSub7 <shreddersub7 () yahoo com>
Date: Tue, 28 Dec 2004 10:59:47 -0800 (PST)


Sorry, forgot to mention this. The website (http://www.freewebs.com/shreddersub7/expl-discuss.htm) is updated now. 

I couldn't respond earlier because Microsoft has shutted down my Hotmail account (shreddersub7 () hotmail com doesn't 
work anymore) and therefore I lost all my mails, including the ones from Full Disclosure :-(

Ow well, they can't stop me, just email to shreddersub7_at_yahoo.com ;-)

 

---ORIGINIAL MESSAGE (se_cur_ity_at_hotmail.com)---

hhctrl.ocx is not installed by default in all SP1s but is on all SP2. 
Therefore when the exploit page tries to create the object he cannot 
find it so it tries to install it. On SP2 it exists by default therefore 
created silently. 


i replied to this because of this statement by the O.P.. 

"Any system running any Microsoft Windows XP edition with Internet Explorer 
6 
or higher, even with SP2 applied." 
this suggests that all XP are affected by default, including sp2. 

cheers, 

m.w 

p.s. I have noticed that the final pre-release of SP2 is much better ( in my 
experience ) 
performance and security wise. ( and it retains raw sockets ). In SP2rc2, 
IE6 popup 
blocker stopped the PoC at default settings. 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
  • RE: > hhctrl.ocx is not installed by default in all SP1s but is on all SP2. Tim ShredderSub7 (Dec 29)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]