> -----Original Message----- > From: Ferruh Mavituna [mailto:ferruh@xxxxxxxxxxxx] > Sent: Wednesday, July 14, 2004 7:52 AM > To: 'L33tPrincess'; bugtraq@xxxxxxxxxxxxxxxxx; > full-disclosure@xxxxxxxxxxxxxxxx > Subject: RE: [Full-Disclosure] Re: IE Shell URI Download and > Execute, POC > > > Is the vulnerability mitigated by > > today's Microsoft patch? > > Both of POCs are working well (at least in my system -W2K3 > all patches-) > after recent MS patches. > > Can anyone confirm this ? I can not. Wscript was deactivated with Guninski's WSH bug a long time ago. I just tested running wscript in the My Computer zone. It prompts as an unsafe activex. However, Microsoft needs to get on the ball here and secure that zone or make it trivial for their customers to do so. (Kudos for their link on their security page, but that kind of thing is targetted to IT professionals -- not to the masses... and they can figure that out by themselves already.) I also noticed the shell: path url does work as a source in an iframe. > > > Ferruh.Mavituna > http://ferruh.mavituna.com > PGPKey : http://ferruh.mavituna.com/PGPKey.asc > > > -----Original Message----- > > From: full-disclosure-admin@xxxxxxxxxxxxxxxx > [mailto:full-disclosure- > > admin@xxxxxxxxxxxxxxxx] On Behalf Of L33tPrincess > > Sent: Wednesday, July 14, 2004 5:34 AM > > To: bugtraq@xxxxxxxxxxxxxxxxx; full-disclosure@xxxxxxxxxxxxxxxx > > Subject: [Full-Disclosure] Re: IE Shell URI Download and > Execute, POC > > > > Ferruh, > > Is this a new variant (wscript.shell)? Is the > vulnerability mitigated by > > today's Microsoft patch? > > > > > > > > Hello; > > > > Code is based on > http://www.securityfocus.com/archive/1/367878 (POC by > > Jelmer) message. I just added a new feature "download" and > then execute > > application. Also I use Wscript.Shell in Javascript instead of > > Shell.Application. > > > > ________________________________ > > > > Do you Yahoo!? > > New and Improved Yahoo! Mail > > > <http://us.rd.yahoo.com/mail_us/taglines/100/*http://promotion > s.yahoo.com/ > > new_mail/static/efficiency.html> - 100MB free storage! > >
