[Dshield] [Shield] 0-day exploit: Microsoft Internet Explorer "Msdds.dll"Remote Code Exe cution Exploit

Bryan Hill bhill at capitaltitlegroup.com
Wed Aug 17 20:40:43 GMT 2005


Thank you for the update... 

-----Original Message-----
From: list-bounces at lists.dshield.org
[mailto:list-bounces at lists.dshield.org] On Behalf Of Fergie (Paul
Ferguson)
Sent: Wednesday, August 17, 2005 1:33 PM
To: list at lists.dshield.org
Subject: [Dshield] 0-day exploit: Microsoft Internet Explorer
"Msdds.dll"Remote Code Exe cution Exploit

Uh oh.

Via FrSIRT.

Advisory : FrSIRT/ADV-2005-1450
Rated as : Critical
http://www.frsirt.com/english/advisories/2005/1450

 * Technical Description *

A critical vulnerability was identified in Microsoft Internet Explorer,
which could be exploited by remote attackers to execute arbitrary
commands. This issue is due to a memory corruption error when
instantiating the "Msdds.dll" object as an ActiveX control via its class
identifier (CLSID), which could be exploited by an attacker to take
complete control of an affected system via a specially crafted Web page.

This vulnerability has been confirmed with Microsoft Internet Explorer 6
SP2 on Windows XP SP2 (fully patched).

 * Exploits *

http://www.frsirt.com/exploits/20050817.IE-Msddsdll-0day.php

 * Affected Products *

Microsoft Internet Explorer 6 SP1 on Microsoft Windows XP SP1
Microsoft Internet Explorer 6 for Microsoft Windows XP SP2
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 SP1
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 for
Itanium-based Systems
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 with SP1
for Itanium-based Systems
Microsoft Internet Explorer 6 for Microsoft Windows Server 2003 x64
Edition
Microsoft Internet Explorer 6 for Microsoft Windows XP Professional x64
Edition
Microsoft Internet Explorer 5.01 SP4 on Microsoft Windows 2000 SP4
Microsoft Internet Explorer 6 SP1 on Microsoft Windows 2000 SP4 

 * Solution *

The FrSIRT is not aware of any official supplied patch for this issue.

 * References *

http://www.frsirt.com/english/advisories/2005/1450 
http://www.frsirt.com/exploits/20050817.IE-Msddsdll-0day.php

Exploit:
http://www.frsirt.com/exploits/20050817.IE-Msddsdll-0day.php

- ferg





--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg at netzero.net or fergdawg at sbcglobal.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
send all posts to list at lists.dshield.org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list
 
This information may be legally privileged and/or is confidential, and is intended for the use of the addressee named above.  Any other use is strictly prohibited.  If you have received this communication in error, please immediately notify me and destroy the communication.  Any wrongful interception of this transmission is  prohibited and punishable under federal law.



More information about the list mailing list