Bugtraq mailing list archives
Re: Force Feeding
From: mark () BURNETTS NET (M. Burnett)
Date: Mon, 26 Jun 2000 12:50:55 -0600
The demo exploit won't work in W2K because the temp directory where the .exe is downloaded to is "c:\documents and settings\'username'\local settings\temp". If it is possible to get the username through JavaScript and another ActiveX control it could possibly be made to work there also.
Although I haven't tested it, I believe you can use environment variables in the codebase location. The variable to use would be %USERPROFILE% although you could also use %HOMEPATH%, %TEMP%, or %TMP%.
M. Burnett