IE6 VML Vulnerability

• Previous message: Michel Casabona: "[Plugins-writers] plugin 14378 fails to report Netasq fw manager"
• Next in thread: Nicolas Pouvesle: "Re: IE6 VML Vulnerability"
• Reply: Nicolas Pouvesle: "Re: IE6 VML Vulnerability"
• Reply: Nicolas Pouvesle: "[Plugins-writers] Re: IE6 VML Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Question to everyone:

Is it feasible to write an effective network-only check for the latest IE6
VML vulnerability?

My response thusfar is no, primarily because I think there are many
different ways one could mask traffic to exploit the vulnerability. Perhaps,
more fundamental, is the nature of this vulnerability - it is higher up in
the stack and thus, will require more resident or privileged means to
effectively check for the vulnerability.

Thoughts?



_______________________________________________
Nessus mailing list
Nessus@private
http://mail.nessus.org/mailman/listinfo/nessus

• Previous message: Michel Casabona: "[Plugins-writers] plugin 14378 fails to report Netasq fw manager"
• Next in thread: Nicolas Pouvesle: "Re: IE6 VML Vulnerability"
• Reply: Nicolas Pouvesle: "Re: IE6 VML Vulnerability"
• Reply: Nicolas Pouvesle: "[Plugins-writers] Re: IE6 VML Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Tue Sep 26 2006 - 02:57:22 PDT