[33628] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer

daemon@ATHENA.MIT.EDU (Nexus)
Wed Feb 11 18:41:31 2004

From: "Nexus" <nexus@patrol.i-way.co.uk>
To: "Ward Taylor" <rfdhomer@windyplains.com>, <bugtraq@securityfocus.com>
Date: Tue, 10 Feb 2004 16:40:17 -0000
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <20040210162904.B258C19E96B@cattie-brie>

----- Original Message -----
From: "Ward Taylor" <rfdhomer@windyplains.com>
To: <bugtraq@securityfocus.com>
Sent: Monday, February 09, 2004 7:31 PM
Subject: RE: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet
Explorer


> Hi:
> There is a win2k registry setting which allows the default .dll search
order
> to be changed.

Out of curiosity, does that override the 0 byte .exe.local file trick to
force the application to search the local directory for the .dll first ?
http://www.jsiinc.com/subf/tip2600/rh2606.htm

Cheers.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[33628] in bugtraq

Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer

daemon@ATHENA.MIT.EDU (Nexus)Wed Feb 11 18:41:31 2004

daemon@ATHENA.MIT.EDU (Nexus)
Wed Feb 11 18:41:31 2004