Explorer VERY VULNERABLE

09/11/2004 - 14:47 by hptella
Microsoft Internet Explorer "res:" URI Handler File Identification
Vulnerability

Secunia Advisory: SA13124
Release Date: 2004-11-09

Critical: Not critical
Impact: Exposure of system information
Where: From remote
Solution Status: Partial Fix

Software: Microsoft Internet Explorer 6

Description:
Benjamin Tobias Franz has discovered a vulnerability in Internet Explorer,
which can be exploited by malicious sites to detect the presence of local
files.

The problem is that an "Access is Denied" error will be returned if a site
in the "Internet" zone tries to open an existing local file in the search
window using the "res:" URI handler. This can be exploited to determine
the presence of specific programs or files in the system directories and
on the desktop.

The vulnerability has been confirmed on a fully patched system with
Internet Explorer 6.0 and Microsoft Windows XP SP1.

Solution:
The vulnerability does not affect systems running Windows XP with SP2
installed.

Disable Active Scripting Support.

Provided and/or discovered by:
Benjamin Tobias Franz


Please note: The information, which this Secunia Advisory is based upon,
comes from third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued
by security research groups, vendors, and others.
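
The advisory's workaround, "Disable Active Scripting Support", corresponds to URL action 1400 in the Internet zone (zone 3) of the Internet Explorer security settings. As an added example (not part of the advisory or of the original post), this PowerShell check reports which registry location supplies that setting and whether scripting is actually disabled; the lookup order and the function and variable names are assumptions of this example.

```powershell
# Added example: audit "Active scripting" (URL action 1400) for the Internet zone (zone 3).
# Value data: 0 = enabled, 1 = prompt, 3 = disabled.
$pref   = 'Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$policy = 'Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings'

function Get-ZoneAction {
    # Hypothetical helper: returns the DWORD for action 1400, or nothing if it is not set.
    param([string]$Hive, [string]$Base)
    $item = Get-ItemProperty -Path "${Hive}:\$Base\Zones\3" -Name '1400' -ErrorAction SilentlyContinue
    if ($null -ne $item) { return [int]$item.'1400' }
    return $null
}

# Security_HKLM_only = 1 tells IE to ignore per-user zone settings.
$flag = Get-ItemProperty -Path "HKLM:\$policy" -Name 'Security_HKLM_only' -ErrorAction SilentlyContinue
$hklmOnly = ($null -ne $flag) -and ($flag.Security_HKLM_only -eq 1)

# Assumed lookup order for this example: policy locations before preference locations.
$candidates = @(
    @{ Source = 'HKLM policy';     Hive = 'HKLM'; Base = $policy; PerUser = $false },
    @{ Source = 'HKCU policy';     Hive = 'HKCU'; Base = $policy; PerUser = $true  },
    @{ Source = 'HKCU preference'; Hive = 'HKCU'; Base = $pref;   PerUser = $true  },
    @{ Source = 'HKLM preference'; Hive = 'HKLM'; Base = $pref;   PerUser = $false }
)
$meaning = @{ 0 = 'enabled'; 1 = 'prompt'; 3 = 'disabled' }

$effective = $null
foreach ($c in $candidates) {
    if ($hklmOnly -and $c.PerUser) { continue }   # per-user values are ignored in this mode
    $value = Get-ZoneAction -Hive $c.Hive -Base $c.Base
    if ($null -ne $value) {
        $effective = [pscustomobject]@{ Source = $c.Source; Value = $value; Meaning = $meaning[$value] }
        break
    }
}

if ($null -eq $effective) {
    Write-Warning 'No explicit value for action 1400 in zone 3; Active scripting is not confirmed disabled.'
} elseif ($effective.Value -ne 3) {
    Write-Warning "Active scripting is $($effective.Meaning) in the Internet zone (from $($effective.Source))."
} else {
    "Active scripting is disabled in the Internet zone (from $($effective.Source))."
}
```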


#6 Enrique [MVP Windows]
09/11/2004 - 15:43
;-)



Regards,
Enrique Cortés
Microsoft MVP - Windows - IE/OE
(remove the Z)

Install Service Pack 2 (SP2) right now, the most important update for Windows XP, which
includes all critical updates to date and will protect your overall security
through Windows Security Center. Click the following link:
http://www.microsoft.com/downloads/...p;FamilyID9c9dbe-3b8e-4f30-8245-9e368d3cdb5a

This posting is provided "AS IS" with no warranties, and confers no rights.

"JM Tella Llop [MVP Windows]" wrote in message
news:
It's the same SOCKS proxy as always.

Jose Manuel Tella Llop
MVP - Windows
(remove XXX)
http://www.multingles.net/jmt.htm

This posting is provided "AS IS" with no warranties, and confers no rights.
You assume all risk for your use.



"Enrique [MVP Windows]" wrote in message
news:
X-HTTP-Posting-Host: 61-222-216-46.HINET-IP.hinet.net
NNTP-Posting-Host: us-8.34web.com 216.40.249.48



"José Gallardo" wrote in message
news:
This genius has really outdone himself this time. Not only has he forged a post, but
the forgery is really shoddy as well. That's sinking low!


"JM Tella Llop [MVP Windows]" wrote in message
news:



"HP Tella LLop [MVI Windows[" wrote in message
news:
Microsoft Internet Explorer "res:" URI Handler File Identification
Vulnerability

#7 Santiago José López Borrazás
09/11/2004 - 15:53

Who: José Gallardo
Date: Tue, 9 Nov 2004 15:08:19 +0100
Subject: Re: * forgery *

| This genius has really outdone himself this time. Not only has he forged a post, but
| the forgery is really shoddy as well. That's sinking low!

He just keeps sinking lower. It can't get any lower...

In any case, it's already clear that it's none other than *lle C*rv*s. To be more
specific...

#8 Santiago José López Borrazás
09/11/2004 - 15:54

Who: Enrique [MVP Windows]
Date: Tue, 9 Nov 2004 15:29:38 +0100
Subject: Re: * forgery *

| X-HTTP-Posting-Host: 61-222-216-46.HINET-IP.hinet.net
| NNTP-Posting-Host: us-8.34web.com 216.40.249.48

It's a SOCKS proxy, as you can already imagine...

#9 Marc [MVP Windows]
09/11/2004 - 16:23
Solution:
The vulnerability does not affect systems running Windows XP with SP2
installed.



So it's out of place in this group...


Regards

Marc
MCP - MVP Windows Shell/User
Oracle9i Certified Associate (OCA)
NOTE: Please keep questions and comments in the groups, so that we all benefit.

This posting is provided "as is" with no warranties of any kind, and confers no rights.

"HP Tella LLop [MVI Windows[" wrote in message news:
Microsoft Internet Explorer "res:" URI Handler File Identification
Vulnerability

#10 mingo
10/11/2004 - 01:58
How do you manage to find this out?

X-HTTP-Posting-Host: 61-222-216-46.HINET-IP.hinet.net
NNTP-Posting-Host: us-8.34web.com 216.40.249.48