Full Disclosure mailing list archives
XP security hole uplddrvinfo.htm
From: gobbles () hush com (gobbles () hush com)
Date: Tue, 10 Sep 2002 15:05:27 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Green is tasty color even more tasty administrator on phyve.com
Did you eat paint chips as a child? -----Original Message----- From: gobbles () hush com [mailto:gobbles () hush com] Sent: Tuesday, September 10, 2002 4:23 PM To: full-disclosure () lists netsys com Cc: full-disclosure () lists netsys com Subject: RE: [Full-disclosure] XP security hole uplddrvinfo.htm fuck you 2. mindless consultant rely on charletan look dumb fuck gibson suck nothing but shit covered dick Paul Tinsley get gibson left over must taste good here is invoice i look smart hire again mom is proudYou people amaze me.... you are too busy proving that each other suck to just get the word out on exploits. You should note that I never claimed who discovered it, I honestly don't care. I know personally Iwould prefer if political agendas or conspiracy theories stay off thelist. Point is, systems are insecure, get the word out. Pat on theback for whoever did discover it... So revised version of original message: I haven't seen much if any coverage of a rather nasty exploitin Windows XP that was discovered by what I believe was a human on earth.If you would like to keep your XP boxes from being venerable to thisexploit which happens to delete whatever a properly formed link requests, delete %windir%\PCHEALTH\HELPCTR\System\DFS\uplddrvinfo.htm Thank you to Thor for posting more accurate information in reply to my message.... Shane Hird discovered it. You can see his post here: http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00224.html And you can try a proof-of-concept here: http://jscript.dk/2002/8/sec/xphelpdelete.html And you can see all of the 20 publicly known unpatched vulnerabilities in Internet Explorer here: http://www.pivx.com/larholm/unpatched/ -----Original Message----- From: gobbles () hush com [mailto:gobbles () hush com] Sent: Tuesday, September 10, 2002 2:36 PM Subject: Re: [Full-disclosure] XP security hole uplddrvinfo.htm-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Steve Gibson=FUD charlaten www.grcsucks.comSorry if this has already been posted but I was made aware ofarather ugly security hole in Windows XP.FUD FUD FUDThis vulnerability allows the files contained in any specifieddirectory on your system to be deleted if you click on a specially formedURL. This URL could appear anywhere: sent in malicious eMail, in achat room, in a newsgroup posting, on a malicious web page, or even executed whenGeogie Guninski discovered this long time ago. Major vulnerability also exist if user type format command wrong. Gibson no skills not discover this.your computer merely visits a malicious web page. It is likelyto be widely exploited soon.Widely exploited soon? Gibson planning something? bullshit bullshit bullshitThis vulnerability is so dangerous that it would be irresponsible for me to say more. Microsoft has known of this problem for months and FUD FUD FUD bullshit bullshit bullshit. Gibson is marketing.General terms high level bullshit mean more consultant dollars.has, inexplicably, done nothing before now. Although XP's ServicePack 1 is not small (approx 30 MB for express installation or 140 MB forthe network install), and even though a much quicker and easier solution to this problem exists, the only thing I can safely recommend (without revealing too much) is to urge all XP users to somehow obtainand install Service Pack 1 immediately. (If you have a slow Internet connection, perhaps a friend can download the executable Service Pack file and burn it onto a CD for you?)More fud fud fud bullshit bullshit bullshit. Problem fixed with hotfix not sp1. Gibson very dumb.This problem does not affect any systems other than Windows XP.If you have any friends or co-workers running Windows XP, please urgethem to update their systems' too. Once the details of this vulnerability have leaked through other channels I will provide additional information.Gibson planning leak? Tell friends that Gibson great securityguy and pay to consult. bullshit bullshit bullshit FUD FUD FUDthere is an alternative. There's a file you can rename or delete to fix the security hole. Here are the steps: Perform a search for a file on your C drive called "uplddrvinfo.htm." Once you've found the file, delete it or rename it. Doing sowill not hinder your ability to use Windows XP.bullshit bullshit bullshit. Does not fix problem. Gibson is dumb. -----BEGIN PGP SIGNATURE----- Version: Hush 2.1 Note: This signature can be verified at https://www.hushtools.com wlgEARECABgFAj1+RfMRHGdvYmJsZXNAaHVzaC5jb20ACgkQpmwDHEAx56siiwCgkCxM SwzADNeDmHjVlFWgxDpK9yoAn3sN5Hqhxdyn9xOAFsdmtRYDN3Vd =Ok0V -----END PGP SIGNATURE----- Get your free encrypted email at https://www.hushmail.comYou people amaze me.... you are too busy proving that each other suck to just get the word out on exploits. You should note that I never claimed who discovered it, I honestly don't care. I know personally Iwould prefer if political agendas or conspiracy theories stay off thelist. Point is, systems are insecure, get the word out. Pat on theback for whoever did discover it... So revised version of original message: I haven't seen much if any coverage of a rather nasty exploitin Windows XP that was discovered by what I believe was a human on earth.If you would like to keep your XP boxes from being venerable to thisexploit which happens to delete whatever a properly formed link requests, delete %windir%\PCHEALTH\HELPCTR\System\DFS\uplddrvinfo.htm Thank you to Thor for posting more accurate information in reply to my message.... Shane Hird discovered it. You can see his post here: http://cert.uni-stuttgart.de/archive/bugtraq/2002/08/msg00224.html And you can try a proof-of-concept here: http://jscript.dk/2002/8/sec/xphelpdelete.html And you can see all of the 20 publicly known unpatched vulnerabilities in Internet Explorer here: http://www.pivx.com/larholm/unpatched/ -----Original Message----- From: gobbles () hush com [mailto:gobbles () hush com] Sent: Tuesday, September 10, 2002 2:36 PM Subject: Re: [Full-disclosure] XP security hole uplddrvinfo.htm-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Steve Gibson=FUD charlaten www.grcsucks.comSorry if this has already been posted but I was made aware ofarather ugly security hole in Windows XP.FUD FUD FUDThis vulnerability allows the files contained in any specifieddirectory on your system to be deleted if you click on a specially formedURL. This URL could appear anywhere: sent in malicious eMail, in achat room, in a newsgroup posting, on a malicious web page, or even executed whenGeogie Guninski discovered this long time ago. Major vulnerability also exist if user type format command wrong. Gibson no skills not discover this.your computer merely visits a malicious web page. It is likelyto be widely exploited soon.Widely exploited soon? Gibson planning something? bullshit bullshit bullshitThis vulnerability is so dangerous that it would be irresponsible for me to say more. Microsoft has known of this problem for months and FUD FUD FUD bullshit bullshit bullshit. Gibson is marketing.General terms high level bullshit mean more consultant dollars.has, inexplicably, done nothing before now. Although XP's ServicePack 1 is not small (approx 30 MB for express installation or 140 MB forthe network install), and even though a much quicker and easier solution to this problem exists, the only thing I can safely recommend (without revealing too much) is to urge all XP users to somehow obtainand install Service Pack 1 immediately. (If you have a slow Internet connection, perhaps a friend can download the executable Service Pack file and burn it onto a CD for you?)More fud fud fud bullshit bullshit bullshit. Problem fixed with hotfix not sp1. Gibson very dumb.This problem does not affect any systems other than Windows XP.If you have any friends or co-workers running Windows XP, please urgethem to update their systems' too. Once the details of this vulnerability have leaked through other channels I will provide additional information.Gibson planning leak? Tell friends that Gibson great securityguy and pay to consult. bullshit bullshit bullshit FUD FUD FUDthere is an alternative. There's a file you can rename or delete to fix the security hole. Here are the steps: Perform a search for a file on your C drive called "uplddrvinfo.htm." Once you've found the file, delete it or rename it. Doing sowill not hinder your ability to use Windows XP.bullshit bullshit bullshit. Does not fix problem. Gibson is dumb. -----BEGIN PGP SIGNATURE----- Version: Hush 2.1 Note: This signature can be verified at https://www.hushtools.com wlgEARECABgFAj1+RfMRHGdvYmJsZXNAaHVzaC5jb20ACgkQpmwDHEAx56siiwCgkCxM SwzADNeDmHjVlFWgxDpK9yoAn3sN5Hqhxdyn9xOAFsdmtRYDN3Vd =Ok0V -----END PGP SIGNATURE----- Get your free encrypted email at https://www.hushmail.comGet your free encrypted email at https://www.hushmail.com
-----BEGIN PGP SIGNATURE----- Version: Hush 2.1 Note: This signature can be verified at https://www.hushtools.com wlgEARECABgFAj1+aQURHGdvYmJsZXNAaHVzaC5jb20ACgkQpmwDHEAx56tA2gCeI0xZ TKAPHWgdvu7BcDjENEaZ3ToAoI/eO64ofr03i/2ZnSkK9GjHeYZU =yN5Q -----END PGP SIGNATURE----- Get your free encrypted email at https://www.hushmail.com
Current thread:
- XP security hole uplddrvinfo.htm Paul Tinsley (Sep 10)
- XP security hole uplddrvinfo.htm Thor Larholm (Sep 10)
- <Possible follow-ups>
- XP security hole uplddrvinfo.htm Paul Tinsley (Sep 10)
- XP security hole uplddrvinfo.htm Georgi Guninski (Sep 10)
- XP security hole uplddrvinfo.htm gobbles () hush com (Sep 10)
- XP security hole uplddrvinfo.htm gobbles () hush com (Sep 10)