Re: Crash IE with shell://:

From: Dino Amato (slayer67at_private)
Date: Wed May 23 2001 - 10:52:44 PDT

Next message: Shoten: "Re: CacheFlow external listerner 137/udp"

Previous message: Kevin J. Menard, Jr.: "Re[2]: Crash IE with shell://:"
In reply to: Peter: "Re: Crash IE with shell://:"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Well on a SGI running IRIX 6.5.11 w/Netscape 4.75 nothing happened ;)


On Wed, 23 May 2001, Peter wrote:

> Guys try www.nul.cjb.net
>
> That is my site and it tries to exploit just about every NS/IE/Win9x but that will
> make the OS crash [win9x] or IE/NS crash.  Included is this whole gopher thing
> also.
>
> btw, that htm page didn't work for me either, -- did nada.
>
> On 05/22/2001 11:31:53 AM, cory is quoted as saying:
>
>
> . . . .|On Tue, 22 May 2001, Kayne Ian (Softlab) transferred the following data:
> . . . .|
> . . . .|> All...
> . . . .|> 	Wrote this little thing in a few spare mins. I'm no use with
> . . . .|> javascript or webbased coding, so I'm sure there's much more you could do
> . . . .|> with this. Anyway, attached is a .html that crashes all the machines I
> . . . .|> tested it on - be prepared to loose explorer.exe if you run it. I guess this
> . . . .|> is a working exploit/bug (and a really annoying one if it starts appearing
> . . . .|> on the web), so if someone wants to forward this to the appropriate people
> . . . .|> (bugtraq? microsoft?) then go for it... Also, if we could narrow down
> . . . .|> exactly what it takes to fix it in the current versions, that would be good
> . . . .|> too.
> . . . .|>
> . . . .|> enjoy...
> . . . .|>
> . . . .|> Ian Kayne
> . . . .|> Technical Specialist - IT Solutions
> . . . .|> Softlab Ltd - A BMW Company
> . . . .|>
> . . . .|
> . . . .|Tried this against IE 5 ver. 5.00.2614.3500 with little result.
> . . . .|The .htm shows up for a few seconds, then you recieve a 404 , with the
> . . . .|Address box changing from http://blah.com/iecrashtest.htm to just
> . . . .|/test.htm (strange?). During the change to a 404, a smaller box appears
> . . . .|with res://C:\\Windows\System\SHDOCLC.DLL/syntax.htm explaining that the
> . . . .|page can not be displayed, possibly because of removal or name change. It
> . . . .|then request you do the following:
> . . . .|	Open the
> res://C:\WINDOWS\SYSTEM\SHDOCLC.DLL/syntax.htm#shell://
> . . . .|	home page, and then look for the links to the information you
> . . . .|	want.
> . . . .|
> . . . .|Hope that helps
> . . . .|
> . . . .|cory
>
>
>
> www.nul.cjb.net
> www.FreeBSD.org
>
>
>
> _________________________________________________________
> Do You Yahoo!?
> Get your free @yahoo.com address at http://mail.yahoo.com
>

Next message: Shoten: "Re: CacheFlow external listerner 137/udp"
Previous message: Kevin J. Menard, Jr.: "Re[2]: Crash IE with shell://:"
In reply to: Peter: "Re: Crash IE with shell://:"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed May 23 2001 - 13:57:54 PDT