Blue screen in Windows

From: David F. Madrid (idoruVIDEOSOFT.NET.UY)
Date: Tue May 20 2003 - 15:04:54 CDT


Issue :

Blue screen in Windows

Tested versions :

W2000 Server Sp3 with IE 6.0 Sp1
XP Pro with IE 6.0

Vendor status :

MS is investigating the issue, but as they spent months just to acknowledge
it, I decided to publish it.

Description :

With Internet Explorer you can make calls using NetMeeting,
navigating to callto URLs. On the systems tested, if you try to
navigate to a specially crafted callto URL, Windows halts with a
Kmode exception not handled. I can't reproduce this always,
particularly not after rebooting from the system halt, but the issue
was confirmed on two different computers.

I am afraid I can't give any debugging info because no causing module is
shown in the BSOD.

Exploit :

In the Spanish version of this advisory you can find a demonstration:

http://nautopia.org/vulnerabilidades/callto_bluescreen.htm

Just click the link "Pulsa aquí para parar Windows"

Regards,

David F. Madrid,
Madrid, Spain
