[5192] in bugtraq
Re: Active X exploit.
daemon@ATHENA.MIT.EDU (Andreas Bogk)
Tue Aug 26 19:16:43 1997
Date: Wed, 27 Aug 1997 00:40:40 +0200
Reply-To: Andreas Bogk <andreas@ARTCOM.DE>
From: Andreas Bogk <andreas@ARTCOM.DE>
X-To: Peter Shipley <shipley@DIS.ORG>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Peter Shipley's message of Mon, 25 Aug 1997 15:14:22 -0700
>>>>> "Peter" == Peter Shipley <shipley@DIS.ORG> writes:
Peter> There is a new expliot for active X
Peter> http://www.network-security.com/activex/
This exploit is not new, a similiar program has been around on
http://www.thur.de/home/steffen/activex/index_e.html
since march. And the principle is the same on all ActiveX
exploits. There simply is no security, ActiveX controls are simple
DLLs.
Andreas
--
Never underestimate the value of fprintf() for debugging purposes.
