Network Security: Detailed info on Re: [Full-Disclosure] Windows (XP SP2) Remote code executionwithparamete

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security FullDisclosure

[Top] [All Lists]

Re: [Full-Disclosure] Windows (XP SP2) Remote code executionwithparamete

from [morning_wood] Network Security

[Permanent Link]

Subject:	Re: [Full-Disclosure] Windows (XP SP2) Remote code executionwithparameters
Date:	Tue, 28 Dec 2004 07:05:45 -0800

hhctrl.ocx is not installed by default in all SP1s but is on all SP2.
Therefore when the exploit page tries to create the object he cannot
find it so it tries to install it. On SP2 it exists by default therefore
created silently.


i replied to this because of this statement by the O.P..

"Any system running any Microsoft Windows XP edition with Internet Explorer
6
or higher, even with SP2 applied."
this suggests that all XP are affected by default, including sp2.

cheers,

m.w

p.s. I have noticed that the final pre-release of SP2 is much better ( in my
experience )
performance and security wise. ( and it retains raw sockets ). In SP2rc2,
IE6 popup
blocker stopped the PoC at default settings.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-Disclosure] Windows (XP SP2) Remote code execution with parameters, ShredderSub7 SecExpert Message not available Message not available Re: [Full-Disclosure] Windows (XP SP2) Remote code executionwithparameters, morning_wood <= RE: [Full-Disclosure] Windows (XP SP2) Remote code execution with parameters, Goencz, Otto

Previous by Date:	Re: [Full-Disclosure] RE: Worm hitting PHPbb2 Forums, Valdis . Kletnieks
Next by Date:	[Full-Disclosure] unexplained crashes of named, Przemyslaw Frasunek
Previous by Thread:	[Full-Disclosure] Windows (XP SP2) Remote code execution with parameters, ShredderSub7 SecExpert
Next by Thread:	RE: [Full-Disclosure] Windows (XP SP2) Remote code execution with parameters, Goencz, Otto
Indexes:	[Date] [Thread] [Top] [All Lists]