Full Disclosure mailing list archives
RE: Re: IE Shell URI Download and Execute, POC
From: "Edward Ray" <support () mmicman com>
Date: Wed, 14 Jul 2004 14:38:51 -0700
Problems with MSIE 1. Too many vulnerabilities 2. Too closely tied to OS, thereby making OS more vulnerable 3. 34 (at last count) unpatched vulnerabilities, reference http://umbrella.name/originalvuln/msie/ 4. Taking their time in fixing/patching vulnerabilities. By themselves, they are not a reason to dump IE at the corporate level. But taken all together, CIOs should really consider the safety of their network with users running IE. The mozilla folks are at least promptly fix vulnerabilities, not to mention the fact that Mozilla/Firefox have had far less vulnerabilities and does not lock itself into the OS kernel. My $0.02 Edward W. Ray -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Todd Towles Sent: Wednesday, July 14, 2004 11:20 AM To: 'Ferruh Mavituna'; 'L33tPrincess'; bugtraq () securityfocus com; full-disclosure () lists netsys com Subject: RE: [Full-disclosure] Re: IE Shell URI Download and Execute, POC Once again, they are trying to patch the attack vector used instead of the core IE problem itself (which is directly related to it being tied into the OS level). I was once very pro-microsoft SMS Admin for my company but it is getting out of hand. If you patch a hole, instead of a vector, then L33tPrincess wouldn't be able to add a couple of lines to the code and change the vector to make the exploit workable in like 10 mins. It is like they are throwing the media and the mass public trash "fix" to make them happy while people like us shake our heads at what the public doesn't know. The multiple patches for the same problem with different MS numbers, it is a sad thing. -----Original Message----- From: Ferruh Mavituna [mailto:ferruh () mavituna com] Sent: Wednesday, July 14, 2004 1:15 PM To: 'Todd Towles'; 'L33tPrincess'; bugtraq () securityfocus com; full-disclosure () lists netsys com Subject: RE: [Full-disclosure] Re: IE Shell URI Download and Execute, POC The fun is MS says we fixed "shell" but it's still active for me. Ferruh.Mavituna http://ferruh.mavituna.com PGPKey : http://ferruh.mavituna.com/PGPKey.asc
-----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure- admin () lists netsys com] On Behalf Of Todd Towles Sent: Wednesday, July 14, 2004 6:18 PM To: 'L33tPrincess'; bugtraq () securityfocus com; full- disclosure () lists netsys com Subject: RE: [Full-disclosure] Re: IE Shell URI Download and Execute, POC Depends on how Microsoft fixed IE. If they did the same thing as the ADODB patch from last week and just focused on the Shell.Application variant instead of the code IE problem, then it won't stop this WSH variant by L33tPrincess. Which I must say is a sweet name. =) -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure- admin () lists netsys com] On Behalf Of L33tPrincess Sent: Tuesday, July 13, 2004 9:34 PM To: bugtraq () securityfocus com; full-disclosure () lists netsys com Subject: [Full-disclosure] Re: IE Shell URI Download and Execute, POC Ferruh, Is this a new variant (wscript.shell)? Is the vulnerability mitigated by today's Microsoft patch? Hello; Code is based on http://www.securityfocus.com/archive/1/367878 (POC by Jelmer) message. I just added a new feature "download" and then execute application. Also I use Wscript.Shell in Javascript instead of Shell.Application. ________________________________ Do you Yahoo!? New and Improved Yahoo! Mail <http://us.rd.yahoo.com/mail_us/taglines/100/*http:/promotions.yahoo.c om/n ew_mail/static/efficiency.html> - 100MB free storage!
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- IE Shell URI Download and Execute, POC Ferruh Mavituna (Jul 13)
- <Possible follow-ups>
- Re: IE Shell URI Download and Execute, POC L33tPrincess (Jul 14)
- RE: Re: IE Shell URI Download and Execute, POC Ferruh Mavituna (Jul 14)
- RE: Re: IE Shell URI Download and Execute, POC Todd Towles (Jul 14)
- RE: Re: IE Shell URI Download and Execute, POC Ferruh Mavituna (Jul 14)
- RE: Re: IE Shell URI Download and Execute, POC Todd Towles (Jul 14)
- RE: Re: IE Shell URI Download and Execute, POC Edward Ray (Jul 14)
- Re: Re: IE Shell URI Download and Execute, POC Fabricio A. Angeletti (Jul 17)
- RE: Re: IE Shell URI Download and Execute, POC Ferruh Mavituna (Jul 17)
- RE: Re: IE Shell URI Download and Execute, POC Drew Copley (Jul 14)