<<< Date Index >>>     <<< Thread Index >>>

Several Things about IE bugs




Several Things about IE bugs:

1st, i coded a stable demo of 1stCleanRc:
http://www.safecenter.net/UMBRELLAWEBV4/1stCleanRc/1stCleanRc-Xp/index.html
some anti-Virus firewall tools may detect this exploit as a virus, but most of 
these tools will fail if the exploit *files* are changed.(malware also 
suggested this. :-) )
(
more information about this remote compromise is available at:
http://www.safecenter.net/UMBRELLAWEBV4/1stCleanRc/index.html
)

second, the list of unpatched IE bugs is moved to:
http://continue.to/trie
OR
http://die.leox.com/DirSvc/security/trie/index.html?
the latest site-spoofing bug ( http://www.securityfocus.com/archive/1/346948 ) 
was also added there.
the list should be up-to-date, but i could not update my website 
SAFECENTER.NET/UMBRELLAWEBV4 hosted by BRINKSTER.COM - both web management 
interface and ftp5.brinkster.com server are unreachable, even thru anonymous 
proxies.
(thanks to 
http://www.leox.com
for providing this host.)

third, about the bug at:
http://www.safecenter.net/UMBRELLAWEBV4/threadid10008/threadid10008-Content.htm
again, it doesn't work on all windowz systems, as i already stated at:
http://www.safecenter.net/UMBRELLAWEBV4/threadid10008/threadid10008-Note.htm
long ago.
but it did work on the Pull's WIN2K, dror's WINXP, codedreamers' WINXP and my 
WINXP - all up-to-date.
this bug was also found by Codedreamers of 
http://codewebs.com
independently, but i think i got it before he. :-)
the demo of this vulnerability is at:
http://www.safecenter.net/UMBRELLAWEBV4/threadid10008/threadid10008-Demo/default.asp
if a download prompt pops up, the exploit fails; if a new IE window pops up, 
the exploit works.


4th, i collected several interesting notes, mostly about pivx and ms:

http://www.securityfocus.com/archive/1/343544
"Believe me, I am all in for full disclosure and [...]"

http://www.pivx.com/larholm/unpatched/
"PivX is continually updating the Unpatched page, albeit internally."
( 
"albeit" = 
-----------
Etymology: Middle English, literally, all though it be
Date: 14th century
: conceding the fact that : even though
-----------
from:
http://www.m-w.com/cgi-bin/dictionary?book=Dictionary&va=albeit
)

http://www.pivx.com/larholm/unpatched/
"Given Microsoft?s recent positive actions together with[...]"

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/default.asp
"Currently, Microsoft has no security bulletins to release as part of the 
monthly release cycle for the month of December"

http://die.leox.com/ie_unpatched/
"List the Unpatched IE Vulnerabilities
(Content: Key point , essential code and its related comment)
There are currently 20 items. "

http://www.pivx.com/larholm/unpatched/
"This was done in both a spirit of cooperation and for the good of the Internet 
as a whole. "
("This" means "we have suspended our ?Unpatched? page")

http://www.pivx.com/clients.html
"Partial Client List     GMAC, BOEING, Microsoft, University of California, 
[...]"
(i got this from jelmer at:
http://lists.netsys.com/pipermail/full-disclosure/2003-December/014746.html
;-)  )

at last, linux is cool. ;-) but windows is more exciting. :-P i use both.


END CALL