[16333] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: BrownOrifice can break firewalls! NOW MSIE

daemon@ATHENA.MIT.EDU (Alexey Yarovinsky)
Mon Aug 21 17:30:53 2000

Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id:  <399F8F0F.ADF65EFB@oltres.com>
Date:         Sun, 20 Aug 2000 10:55:59 +0300
Reply-To: Alexey Yarovinsky <ayarovin@OLTRES.COM>
From: Alexey Yarovinsky <ayarovin@OLTRES.COM>
X-To:         Andreas.Greulich@ISB.ADMIN.CH
To: BUGTRAQ@SECURITYFOCUS.COM

Hi,

The same security hole, exists in MSIE too, with one restriction: url can't
start with file:. But still the applet from outside site, can access you
intranet servers including ftps and ALL sites you have access to. The
demonstration of the bug is here:

http://www.oltres.com/ms-bug/

Thanx, Alexey.

PS: The applet was tested on WinNT 4.0sp5 with Internet Explorer both 5 and 5.5
versions.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[16333] in bugtraq

Re: BrownOrifice can break firewalls! NOW MSIE

daemon@ATHENA.MIT.EDU (Alexey Yarovinsky)Mon Aug 21 17:30:53 2000

daemon@ATHENA.MIT.EDU (Alexey Yarovinsky)
Mon Aug 21 17:30:53 2000