TUCoPS :: Browsers :: hack2187.htm

Several Things about IE bugs
Several Things about IE bugs 



Several Things about IE bugs:



1st, i coded a stable demo of 1stCleanRc:

http://www.safecenter.net/UMBRELLAWEBV4/1stCleanRc/1stCleanRc -Xp/index.html

some anti-Virus firewall tools may detect this exploit as a virus, but most of these tools will fail if the exploit *files* are changed.(malware also suggested this. :-) )

(

more information about this remote compromise is available at:

http://www.safecenter.net/UMBRELLAWEBV4/1stCleanRc/index.html 

)



second, the list of unpatched IE bugs is moved to:

http://continue.to/trie 

OR

http://die.leox.com/DirSvc/security/trie/index.html? 

the latest site-spoofing bug ( http://www.securityfocus.com/archive/1/346948 ) was also added there. 

the list should be up-to-date, but i could not update my website SAFECENTER.NET/UMBRELLAWEBV4 hosted by BRINKSTER.COM - both web management interface and ftp5.brinkster.com server are unreachable, even thru anonymous proxies.

(thanks to 

http://www.leox.com 

for providing this host.)



third, about the bug at:

http://www.safecenter.net/UMBRELLAWEBV4/threadid10008/threadid1 0008-Content.htm

again, it doesn't work on all windowz systems, as i already stated at:

http://www.safecenter.net/UMBRELLAWEBV4/threadid10008/threadid1 0008-Note.htm

long ago.

but it did work on the Pull's WIN2K, dror's WINXP, codedreamers' WINXP and my WINXP - all up-to-date.

this bug was also found by Codedreamers of 

http://codewebs.com 

independently, but i think i got it before he. :-)

the demo of this vulnerability is at:

http://www.safecenter.net/UMBRELLAWEBV4/threadid10008/threadid1 0008-Demo/default.asp

if a download prompt pops up, the exploit fails; if a new IE window pops up, the exploit works.





4th, i collected several interesting notes, mostly about pivx and ms:



http://www.securityfocus.com/archive/1/343544 

"Believe me, I am all in for full disclosure and [...]"



http://www.pivx.com/larholm/unpatched/ 

"PivX is continually updating the Unpatched page, albeit internally."

( 

"albeit" = 

-----------

Etymology: Middle English, literally, all though it be

Date: 14th century

: conceding the fact that : even though

-----------

from:

http://www.m-w.com/cgi-bin/dictionary?book=Dictionary&va=albeit 

)



http://www.pivx.com/larholm/unpatched/ 

"Given Microsoft’s recent positive actions together with[...]"



http://www.microsoft.com/technet/treeview/default.asp?url=/technet/se curity/default.asp

"Currently, Microsoft has no security bulletins to release as part of the monthly release cycle for the month of December"



http://die.leox.com/ie_unpatched/ 

"List the Unpatched IE Vulnerabilities

(Content: Key point , essential code and its related comment)

There are currently 20 items. "



http://www.pivx.com/larholm/unpatched/ 

"This was done in both a spirit of cooperation and for the good of the Internet as a whole. "

("This" means "we have suspended our ‘Unpatched’ page")



http://www.pivx.com/clients.html 

"Partial Client List     GMAC, BOEING, Microsoft, University of California, [...]"

(i got this from jelmer at:

http://lists.netsys.com/pipermail/full-disclosure/2003-December/01474 6.html

;-)  )



at last, linux is cool. ;-) but windows is more exciting. :-P i use both.





END CALL

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH