[23182] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

MSIE 5.5/6 Q312461 patch disclose patch information

daemon@ATHENA.MIT.EDU (KOJIMA Hajime)
Mon Nov 19 15:31:10 2001

From: kjm@rins.ryukoku.ac.jp (KOJIMA Hajime)
To: bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Mon, 19 Nov 2001 11:57:15 +0900
Message-ID: <14484.1006138635@ideon.st.ryukoku.ac.jp>

  If you apply Q312461 (MS01-055) patch to your IE 5.5 SP2 / 6, 
  your IE shows patch information into HTTP_USER_AGENT as:

  IE 6:
    Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Q312461)
  IE 5.5 SP2:
    Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0; T312461)

  You can find vulnerable IE 5.5/6 very easily...

What's this?
------------

  It's registry entry, at:

  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform

Tested
------

* Windows 2000 SP2 (japanese) + IE 5.5 SP2 (japanese) + Q312461 (japanese)
* Windows 2000 SP2 (japanese) + IE 6 (japanese) + Q312461 (japanese)

1st reported by
---------------

  SUZUKI, Kazuhiro
  http://memo.st.ryukoku.ac.jp/archive/200111.month/1890.html
  (caution: this URL is written in Japanese)

----
KOJIMA Hajime - Ryukoku University, Seta, Ootsu, Shiga, 520-2194 Japan
[Office] kjm@rins.ryukoku.ac.jp, http://www.st.ryukoku.ac.jp/~kjm/


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[23182] in bugtraq

MSIE 5.5/6 Q312461 patch disclose patch information

daemon@ATHENA.MIT.EDU (KOJIMA Hajime)Mon Nov 19 15:31:10 2001

daemon@ATHENA.MIT.EDU (KOJIMA Hajime)
Mon Nov 19 15:31:10 2001