[Dshield] An unfixed highly critical vulnerability discovered inMicrosoft Internet Explorer

Matt Shirilla mshirilla at micim.com
Fri Apr 9 19:44:32 GMT 2004


I renamed the registry keys to disable the ITS protocol and now I want to
test my work.  It would be nice if there was a harmless test page I could
visit as I cannot recreate the exploit myself.  Is it possible for DShield
to create/host a harmless exploit page for me to test against?

-----Original Message-----
From: Guy Barnum [mailto:GuyBarnum at Armscole.com]
Sent: Friday, April 09, 2004 9:50 AM
To: General DShield Discussion List
Subject: RE: [Dshield] An unfixed highly critical vulnerability
discovered inMicrosoft Internet Explorer


<snip>
http://secunia.com/advisories/10523/

When visited Secunia's web page (at the above address), I received the
following virus alert (issued by NAV2004):
Source: C:\Documents and Settings\username\Local Settings\Temporary
Internet Files\Content.IE5\0LU1UHY7\10523[1].htm 
Click for more information about this threat: Bloodhound.Exploit.6
Guess this is just Secunia's way of demonstrating the vulnerability's
existence on browsers concerned.
</end snip>

I went to that page and surfed around on every obviously related link
and didn't see any NAV warning pop ups.  I'm using IE version
6.0.2800.1106.xpsp2.030422-1633
Anyone else try this page?

Guy

_______________________________________________
list mailing list
list at lists.dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list



More information about the list mailing list