RE: Winnt/Win2k Vuln ?

From: JKlemencat_private
Date: Fri Aug 10 2001 - 11:58:29 PDT

  • Next message: martin.goudreaultat_private: "Re: Winnt/Win2k Vuln ?"

    Was able to reproduce with Win2K SP2 and IE 5.50.4522.1800 when I opened IE
    and simply typed in www.google.com (or whatever I named the file - I simply
    copied write.exe to Desktop\www.google.com ). I was NOT able to reproduce
    this when:
    Adding http:// in front of the www.google.com filename in the IE URL bar
    When launching it from the Start/Run menu
    
    Joe Klemencic
    
    --- Original Message ---
    
    
    
    
    > - copy autoexec.bat to ..\desktop
    > - rename autoexec.bat to www.google.com (can be any url)
    > - then go to IE and type "www.google.com"
    > - your batch file is then ran
    
    Confirmed on Win2K Pro SP1 (5.00.2195) with IE 5.50.4522.1800 (56-bit).
    Actually IE tried to download the www.google.com file probably because of
    the '.com' extension. I also went to START/RUN and typed in www.google.com
    and it tried to run it too (actually giving me an error about it was not a
    vaild Win32 App).
    



    This archive was generated by hypermail 2b30 : Fri Aug 10 2001 - 12:09:05 PDT