Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security NTBugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: How to Break Windows XP SP2 + Internet Explorer 6 SP2

from [Steve Boyce] Network Security [Permanent Link]
Subject: Re: How to Break Windows XP SP2 + Internet Explorer 6 SP2
Date: Wed, 20 Oct 2004 16:52:07 +0100 
In essence this appears to point to 2 holes, at paras e and f.

I don't pretend to understand e.

f however is a simple workaround for ADODB.Stream inaccessibility, and
shows that ADODB.Connection is just as dangerous as ADODB.Stream.
Disabling ADODB.Connection blocks it, but unfortunately, unlike
ADODB.Stream which is rarely used, disabling the connection object will
blow holes in a lot of Intranet software (including where I work).
Anyway, fwiw ADODB.Connection is blocked by doing what it says in kb
article 870669 and doing what it says substituting
{00000514-0000-0010-8000-00AA006D2EA4} for
{00000566-0000-0010-8000-00AA006D2EA4}.
Or here's the reg file to block it:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX
Compatibility\{00000514-0000-0010-8000-00AA006D2EA4}]
"Compatibility Flags"=dword:00000400

Steve

--
NTBugtraq Editor's Note:

Want to reply to the person who sent this message? This list is configured such 
that just hitting reply is going to result in the message coming to the list, 
not to the individual who sent the message. This was done to help reduce the 
number of Out of Office messages posters received. So if you want to send a 
reply just to the poster, you'll have to copy their email address out of the 
message and place it in your TO: field.
--
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Windows file I/O not internationalized, Paul Szabo
Next by Date:  Scanner released to detect and repair MS04-028 infected JPEG files, Wayne - diamondcs.com.au
Previous by Thread:  How to Break Windows XP SP2 + Internet Explorer 6 SP2, http-equiv@excite.com
Next by Thread:  Re: How to Break Windows XP SP2 + Internet Explorer 6 SP2, Tod Beardsley
Indexes:  [Date] [Thread] [Top] [All Lists]