[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER
From: vh <vh@xxxxxxxxxx>
Date: Wed, 12 Jan 2005 01:35:38 +0100

On Wed, 12 Jan 2005 06:52:04 +0800
"Team Pwnge" <team_pwn4ge@xxxxxxxxxx> wrote:

> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> - TEAM PWN4GE Security Advisory                                    
> PWNED- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> - - -
> 
>   Severity: HIGH
>      Title: EXPLORER: Vulnerability in all versions of Windows
>      Explorer
>       Date: January 11, 2005
> 
> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
> -
> 
> Synopsis
> ========
> 
> Multiple overflows have been found in Windows Explorer, potentially
> allowing a remote user to open Explorer and run files remotely.
> 
> 
> Background
> ==========
> 
> Windows Explorer is an advanced browsing tool made by Microsoft. It
> is used in daily tasks to open folders, copy files, delete files,
> rename files and view files on a system. It is the foundation of the
> World Wide Web and used by billions worldwide. It runs on an array of
> machines.
> 
> 
> Affected versions
> =================
> 
> All versions of Windows' Explorer are vulnerable
> 
> Description
> ===========
> 
> Shogun Suzuki discovered that a remote user can connect to any
> machine via numerous exploits and use Windows Explorer to view files,
> rename files, delete files, change permissions on files stored on a
> remote machine that has been pwned.
> 
> Impact
> ======
> 
> A remote attacker could install something similar to PCAnywhere
> after exploiting Windows and use Windows' Explorer to view, copy
> and or open any file on a victims machine.
> 
> Workaround
> ==========
> 
> On a command prompt: del C:\WINDOWS\explorer.exe

Isn't explorer the program wich "shows" you the desktop?
Just a clue: Use Open-, Net- or FreeBSD.
These OSs are good enought for all normal tasks you've to do.

Real Workaround: Change the OS 
There's no other way or you like to wait
5 months for a patch. You've to wait at least 4 weeks because MS don#t
provide patches just because there's something critical. Oh no.. they've
their "Patch-Day". Something like a game-show but even more worse
because you don't get patches for all holes even you did everything
right.

> License
> =======
> 
> Copyright 2005 TEAM PWN4GE
> 
> The contents of this document are licensed under the
> Creative Commons - Attribution / Share Alike license.

Mails are FREE...
But sometimes Linux-Users need licenses for everything...
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER
  - From: Team Pwnge

Prev by Date: Re: [Full-Disclosure] Multi-vendor AV gateway image inspection bypass vulnerability
Next by Date: [Full-Disclosure] UnixWare 7.1.4 UnixWare 7.1.3 UnixWare 7.1.1 : mountd remote denial of service
Previous by thread: [Full-Disclosure] MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER
Next by thread: Re: [Full-Disclosure] MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER
Index(es):
- Date
- Thread