Bugtraq mailing list archives
Re: IE5 allows executing programs
From: dleblanc () MINDSPRING COM (David LeBlanc)
Date: Mon, 30 Aug 1999 09:47:47 -0700
At 04:24 PM 8/29/99 -0400, SysAdmin wrote:
Now watch as I modify this to destroy Regedit 32
That's only if the user has write permissions to regedt32. In terms of causing the OS to crash, NT won't let you overwrite system binaries that it is using at the moment. Something else smart to do (at least under win2k) is to use RunAs to run your browser under a lower privileged user than normal. <snip really scary horror story - too bad Godzilla isn't in it>
Has anyone figure out if an arbitrary binary could be executed?
George made that pretty clear. I'll leave the details as an exercise to the reader. Safest thing to do is get the patch and set your system to prompt you when something wants to script one of your ActiveX controls. The problem here isn't so much ActiveX (which is really just equivalent to a plug-in), but the fact that it can be scripted, and that the control itself is responsible for announcing whether it is safe for scripting.
Also, I understand outlook executes this code immediatley, is it possible that this same code could cause someone's system to crash merely by opening the E-Mail?
This depends on how you have Outlook set up. Outlook 2000 allows you to set your e-mail viewing zone to anything you like. Mine is set to Untrusted Zone, which has nearly everything set to either off or prompt. BTW, even default Untrusted Zone isn't untrusted enough for me, so a review of what the actual settings are is probably in order. I also like to set all sorts of stuff to 'prompt' so that it doesn't ignore potential attacks. Then I can take whatever action seems appropriate toward the site that is doing rude things >8-) Maybe it is just me, but DoS-ing end-users really seems about on par with beating up elementary school kids for their lunch money. David LeBlanc dleblanc () mindspring com
Current thread:
- Re: IE5 allows executing programs David LeBlanc (Aug 30)
- <Possible follow-ups>
- Re: IE5 allows executing programs SysAdmin (Aug 30)
- Re: IE5 allows executing programs Jim Frost (Sep 01)
- Re: IE5 allows executing programs David LeBlanc (Sep 01)
- Re: IE5 allows executing programs Brad Griffin (Sep 02)
- Re: IE5 allows executing programs David LeBlanc (Sep 07)
- re, anti btrom Martin Markovitz (Sep 08)
- Re: IE5 allows executing programs Paul L Schmehl (Sep 08)
- SDI AMD remote exploit for RH linux Thiago (Sep 02)
- Re: IE5 allows executing programs J MacCraw (Sep 07)