[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] Internet Explorer (BAN IT !!!)
- Subject: RE: [Full-Disclosure] Internet Explorer (BAN IT !!!)
- From: "Syed Imran Ali" <manipeto@yahoo.co.uk>
- Date: Fri, 10 Oct 2003 15:02:59 +0500
Yup that's true the exploit actually didn?t worked even if I was logged
in as Administrator or a normal user in Windows XPSp1 with all patches
installed except 811394.
Regards,
Syed Imran Ali
Senior Network Engineer
(T) +92-300-9256202
:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:~:
The information contained in this e-mail is confidential and may be
privileged. It is intended for the addressee only. If you have received
this e-mail in error please notify us immediately, then delete this
e-mail. You should not copy it for any purpose, or disclose its contents
to any other person. We cannot accept any responsibility for viruses, so
please scan all attachments. The statements and opinions expressed in
this message are those of the author and do not necessarily reflect
those of the company. The company does not take any responsibility for
the views of the author
-----Original Message-----
From: full-disclosure-admin@lists.netsys.com
[mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of gregh
Sent: Friday, October 10, 2003 3:07 AM
To: Irwan Hadi
Cc: full-disclosure@netsys.com
Subject: Re: [Full-Disclosure] Internet Explorer (BAN IT !!!)
----- Original Message -----
From: "Irwan Hadi" <irwanhadi@phxby.com>
To: "gregh" <chows@ozemail.com.au>
Cc: "Stephen" <alf1num3rik@yahoo.com>; <full-disclosure@netsys.com>
Sent: Thursday, October 09, 2003 3:55 PM
Subject: Re: [Full-Disclosure] Internet Explorer (BAN IT !!!)
> On Thu, Oct 09, 2003 at 07:54:08AM +1000, gregh wrote:
>
> >
> > ----- Original Message -----
> > From: "Stephen" <alf1num3rik@yahoo.com>
> > To: <full-disclosure@netsys.com>
> > Sent: Thursday, October 09, 2003 5:19 AM
> > Subject: [Full-Disclosure] Internet Explorer (BAN IT !!!)
> >
> >
> > >
> > > It becomes really dangerous to use IE ...
> > >
> > > http://www.k-otik.com/WMPLAYER-TEST/
> > >
> > > God bless Mozilla
> > >
> > > http://www.mozilla.org/
> > >
> >
> >
> > Your test didn't work on my IESP1 under XP with all patches
excepting
> > 811394. Absolutely no effect on WMP. My original WMP remains and
works.
>
> It depends whether you were logging as a privileged user or not.
> If not, then your browser can't delete the wmplayer.exe file, because
> the only user that can change/delete the wmplayer.exe file is
privileged
> user.
> C:\PROGRA~1\Windows Media Player>cacls wmplayer.exe
> C:\PROGRA~1\Windows Media Player\wmplayer.exe BUILTIN\Users:R
> BUILTIN\Power Users:C
> BUILTIN\Administrators:F
> NT AUTHORITY\SYSTEM:F
>
>
> C:\PROGRA~1\Windows Media Player>
>
> The problem is just too many people are running their Windows with
> Full Privileges.
>
Didnt matter what I logged in as. I normally am ADMIN, naturally but a
priveleged user, a very limited user - no difference. The exploit didnt
work.
Greg.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html