[26698] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Delete arbitrary files using Help and Support Center [MSRC 1198dg]

daemon@ATHENA.MIT.EDU (Gary Flynn)
Fri Aug 16 15:30:37 2002

Message-ID: <3D5C3329.3DEC802E@jmu.edu>
Date: Thu, 15 Aug 2002 19:03:05 -0400
From: Gary Flynn <flynngn@jmu.edu>
MIME-Version: 1.0
To: shird@dstc.edu.au
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Shane Hird wrote:
> 
> Temporary solutions may be;
> 
> + delete/move the uplddrvinfo.htm file
> + edit the script of uplddrvinfo.htm to remove the offending code
> + unregister the hcp protocol handler

FYI. If a user runs across an exploit of this, a window titled
"Help and Support Center" will pop up with the text "Get Help
with Your Hardware Device". If this window is closed the specified
files are deleted.

The deletion can apparently be prevented by opening the Task Manager
and killing the HelpCtr.exe process.

-- 
Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[26698] in bugtraq

Re: Delete arbitrary files using Help and Support Center [MSRC 1198dg]

daemon@ATHENA.MIT.EDU (Gary Flynn)Fri Aug 16 15:30:37 2002

daemon@ATHENA.MIT.EDU (Gary Flynn)
Fri Aug 16 15:30:37 2002