RE: CommonName Toolbar potentially exposes LAN web addresses

["Eric Stevens" <mightye () mightye org>]

In fact, I noticed the "Resolve Local Intranet Names" option, altering its
setting had no noticeable effect on behavior.

Further, I ran the uninstaller with all other applications closed, and
although the options for CommonName were removed from within Internet
Explorer, local addresses were still being routed to the CommonName website.
Rebooting the machine and attempting to delete the CommonName folder in
Program Files before opening any applications, I was denied the ability as
the Babe DLL was already in use, thus the reason I used ACL's to deny access
to that folder.

-----Original Message-----
From: Support [mailto:Support () Commonname com]
Sent: Thursday, October 03, 2002 11:15 AM
To: Eric Stevens; bugtraq () securityfocus com
Subject: RE: CommonName Toolbar potentially exposes LAN web addresses


Thank you for your email,

Intranet resolution with CommonName can be activated by opening IE, clicking
on

Tools > Internet Options > Advanced

Then scroll down to the CommonName section and selecting Resolve Local
Intranet Names.

With this feature activated Intranet names are not routed to CommonName for
checking against our database of keywords.