This post raises an interesting question. Is our goal to find new vulnerabilities and attack vectors to help secure users and critical infrastructures, or is our goal to ease exploitation of existing vulnerabilities? There are no new vulnerabilities or techniques highlighted in this attack (which is what it is), just a combination of several already known vulnerabilities. This is not a proof-of-concept designed to highlight how a particular vulnerability works, but an exploit designed specifically to compromise your machine. All a malicious viruswriter has to do is exchange the EXE file. Believe me, I am all in for full disclosure and detailing every aspect of a vulnerability to prevent future occurances of similar threats, but I don't particularly think that we should actively be trying to help malicious persons. Regards Thor Larholm Senior Security Researcher PivX Solutions, LLC Get our research, join our mailinglist - http://pivx.com/larholm/ -----Original Message----- From: Liu Die Yu [mailto:liudieyuinchina@yahoo.com.cn] Sent: Wednesday, November 05, 2003 2:35 AM To: bugtraq@securityfocus.com Subject: Six Step IE Remote Compromise Cache Attack Snip http://www.securityfocus.com/archive/1/343464/2003-11-02/2003-11-08/0
