[35707] in bugtraq

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

RE: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC

daemon@ATHENA.MIT.EDU (Ferruh Mavituna)
Wed Jul 14 14:53:26 2004

Message-ID: <20040714144754.25530.qmail@mail2.securityfocus.com>
From: "Ferruh Mavituna" <ferruh@mavituna.com>
To: "'L33tPrincess'" <l33tprincess@yahoo.com>, <bugtraq@securityfocus.com>,
        <full-disclosure@lists.netsys.com>
Date: Wed, 14 Jul 2004 17:52:25 +0300
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
In-Reply-To: <20040714023338.439.qmail@web21504.mail.yahoo.com>

> Is the vulnerability mitigated by
> today's Microsoft patch?

Both of POCs are working well (at least in my system -W2K3 all patches-)
after recent MS patches.

Can anyone confirm this ?


Ferruh.Mavituna
http://ferruh.mavituna.com
PGPKey : http://ferruh.mavituna.com/PGPKey.asc

> -----Original Message-----
> From: full-disclosure-admin@lists.netsys.com [mailto:full-disclosure-
> admin@lists.netsys.com] On Behalf Of L33tPrincess
> Sent: Wednesday, July 14, 2004 5:34 AM
> To: bugtraq@securityfocus.com; full-disclosure@lists.netsys.com
> Subject: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC
> 
> Ferruh,
> Is this a new variant (wscript.shell)?  Is the vulnerability mitigated by
> today's Microsoft patch?
> 
> 
> 
> Hello;
> 
> Code is based on http://www.securityfocus.com/archive/1/367878 (POC by
> Jelmer) message. I just added a new feature "download" and then execute
> application. Also I use Wscript.Shell in Javascript instead of
> Shell.Application.
> 
> ________________________________
> 
> Do you Yahoo!?
> New and Improved Yahoo! Mail
> <http://us.rd.yahoo.com/mail_us/taglines/100/*http://promotions.yahoo.com/
> new_mail/static/efficiency.html>  - 100MB free storage!

home	help	back	first	fref	pref	prev	next	nref	lref	last	post