Vulnerability Development mailing list archives

Fwd: Re: Win 2000 & IE 'shell://' problem?


From: kelleyam () UMICH EDU (Aaron Kelley)
Date: Thu, 1 Jun 2000 16:53:37 -0400


        Just some thoughts with having to have several windows open
for the problem to work.  If one was to attempt to use this "exploit"
one could use a java or perl script to open up several windows and
then call the shell://.  I'm not sure but you might not even need to
use a script to do it, you might be able to use some sort of
automatic redirection to continuously open windows then call shell://,
something like a browser jack with a twist.
        To repeat some others, it would be interesting to see if
there is some other exploit that can be run with this problem.
Enjoy,
        AK

Approved-By: BlueBoar () THIEVCO COM
Delivered-To: vuln-dev () lists securityfocus com
Delivered-To: VULN-DEV () SECURITYFOCUS COM
X-Accept-Language: en
Date:         Wed, 31 May 2000 19:49:11 -0700
Reply-To: Blue Boar <BlueBoar () THIEVCO COM>
Sender: VULN-DEV List <VULN-DEV () SECURITYFOCUS COM>
From: Blue Boar <BlueBoar () THIEVCO COM>
Subject:      Re: Win 2000 & IE 'shell://' problem?
X-To:         VULN-DEV () SECURITYFOCUS COM
To: VULN-DEV () SECURITYFOCUS COM

I did some brief testing with this today.  I found that whatever version
of Win2K w/IE that I plopped down in front of wouldn't crash with just
opening shell:// or shell://localhost.  The window would flicker a bit.
One poster had indicated that it was dependent on the number of windows
open.  I opened several windows.  Now it would flicker, and cycle between
windows.  With about 8 or 9 IE windows open, it would do the protection
fault and crash.

Thanks everyone for reporting in with various version numbers, etc.
I'll be summarizing shortly, and posting to Bugtraq and MS.

                                      BB

                                x99kelley1 () wmich edu
                                        Aaron Kelley

                        "Any technology that is distinguishable
                                from magic is not sufficiently advanced."

