Full Disclosure mailing list archives
Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL From Internet Explorer
From: "first last" <randnut () hotmail com>
Date: Mon, 09 Feb 2004 20:23:07 +0000
Summary: A LoadLibrary / LoadLibraryEx weakness makes SSL on Internet Explorer very vulnerable to a DLL proxy attack. If exploited, unencrypted data can beintercepted before Internet Explorer (IE) uses the SSL module to encrypt thedata. Therefore, confidential information such as bank accounts and passwords could be stolen. Many applications are vulnerable to DLL proxy attack with different ramifications.
This is OLD news. Where have you been? It's been used for as long as LoadLibrary has existed by programs monitoring other programs. There are dozens of other ways of reading data from another program before and after data is encrypted/decrypted. I could write a dozen similar advisories and post them here and to BugTraq but I won't because they're OLD news.
Vendor Status: Microsoft was informed of this weakness in December 2003. As of February 5, 2004, Microsoft has not provided any indication that they intend to provide any remedies for the affected Windows configurations.
Of course they won't because this is OLD news.The subject of your email is "Round One," so I hope your next rounds will have some new information.
_________________________________________________________________Get some great ideas here for your sweetheart on Valentine's Day - and beyond. http://special.msn.com/network/celebrateromance.armx
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL From Internet Explorer first last (Feb 09)
- Re: Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL From Internet Explorer Valdis . Kletnieks (Feb 09)
- <Possible follow-ups>
- Round One: "DLL Proxy" Attack Easily Hijacks SSL From Internet Explorer Disclosure From OSSI (Feb 09)