[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Microsoft Internet Explorer Full RemoteCompromise w/o User Intervention

To: <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: RE: [Full-Disclosure] Microsoft Internet Explorer Full RemoteCompromise w/o User Intervention
From: "Alerta RedSegura" <alerta@xxxxxxxxxxxxx>
Date: Sat, 25 Dec 2004 18:37:28 -0500

I have run the exploit at http://freehost07.websamba.com/greyhats/sp2rc.htm
on several fully patched Windows XP SP2 boxes here (no special config, hta's
and scripting enabled) and no file gets created or run.  Just a help window
displayed and that's it.


Regards,


Inigo Koch
Red Segura

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: [Full-Disclosure] /bin/rm file access vulnerability
Next by Date: [Full-Disclosure] MediaSentry false positives?
Previous by thread: [Full-Disclosure] Example of Legal Ruling involving Internet Issues: >> Re: Yahoo and inheiriting someone's email
Next by thread: [Full-Disclosure] MediaSentry false positives?
Index(es):
- Date
- Thread