Vulnerability Development mailing list archives
Fwd: Please post this anonymously (without my email-address and such)
From: Blue Boar <BlueBoar () thievco com>
Date: Tue, 23 Oct 2001 22:44:42 -0700
A few of my co-workers and I were just discussing the new error reporting functions of Internet Explorer, and we came up with a nasty idea for a virus utilizing that function as a method of causing a DoS. The idea is to write a virus that propagates through email (nothing new here) and exploits Outlook and Outlook Express to achieve that propagation. This virus would essentially cause the autopreview pane of Outlook to open viewing some type of HTML/ASP, etc in a way that would cause IE to crash when attempting to sort it. At that point, with the more recent releases of IE, there would be an automatic initiation of debug data sent to Microsoft, through using DNS to resolve. Obvious effects would be a likely DoS on business networks and on Microsoft's debug servers. Other effects could include difficulty in reaching and downloading patches for the vulnerabilities in the software (if Microsoft patch servers are utilizing the same WAN link as the debug servers), as well as possible effects upon DNS servers, especially at Microsoft. In addition, as has already been talked about, an enormous amount of private information possibly stored on the debugs would be forwarded as well. I would imagine that this type of virus could also effect other kinds of "bugzilla" services. Just a thought...
Current thread:
- Fwd: Please post this anonymously (without my email-address and such) Blue Boar (Oct 24)
- Re: Fwd: Please post this anonymously (without my email-address and such) Mike DeGraw-Bertsch (Oct 24)
- Re: Fwd: Please post this anonymously (without my email-address and such) terry white (Oct 24)
- Re: Fwd: Please post this anonymously (without my email-address and such) Chris Carey (Oct 24)
- Re: Fwd: Please post this anonymously (without my email-address and such) Mike DeGraw-Bertsch (Oct 24)