Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer

To: "Ward Taylor" <rfdhomer@xxxxxxxxxxxxxxx>, <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer
From: "Nexus" <nexus@xxxxxxxxxxxxxxxxxx>
Date: Tue, 10 Feb 2004 16:40:17 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <BJEIIGDJCBPHLGHHKGJFCECLCPAA.rfdhomer@xxxxxxxxxxxxxxx>

----- Original Message -----
From: "Ward Taylor" <rfdhomer@xxxxxxxxxxxxxxx>
To: <bugtraq@xxxxxxxxxxxxxxxxx>
Sent: Monday, February 09, 2004 7:31 PM
Subject: RE: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet
Explorer

> Hi:
> There is a win2k registry setting which allows the default .dll search
order
> to be changed.

Out of curiosity, does that override the 0 byte .exe.local file trick to
force the application to search the local directory for the .dll first ?
http://www.jsiinc.com/subf/tip2600/rh2606.htm

Cheers.

References:
- RE: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer
  - From: Ward Taylor

Prev by Date: Re: Decompression Bombs
Next by Date: RE: Samba 3.x + kernel 2.6.x local root vulnerability
Previous by thread: Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer
Next by thread: RE: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer
Index(es):
- Date
- Thread