Security Basics mailing list archives
A possible "new ?" DOS exploit with IE
From: Claude Petit <petc () videotron ca>
Date: Tue, 13 Jul 2004 18:27:05 -0500
Hi, I'm new in security. By tuning my windows 2000 system to remove all undesired and "dangerous" url protocol handlers (like telnet:), I discovered a strange behavior with IE. To begin, I have Windows 2000 Pro SP4 + actual hotfixes and IE SP1 + actual hotfixes installed. What I did that caused the problem is to remove the value named "URL Protocol" in the registry key "HKEY_CLASSES_ROOT\mailto". I did it to prevent malicious html pages to launches many new email message windows with the use of image tags (<IMG>) or something else. After I removed this value, I ran "mailto:" from Start->Run. Nothing was happening, but after some seconds, multiple IE windows were launched in an infinite loop. I don't think it's exploitable unless the destination system have this value removed from the registry, but I'm not sure. Claude Petit --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- A possible "new ?" DOS exploit with IE Claude Petit (Jul 14)
- Re: A possible "new ?" DOS exploit with IE Danny Messano (Jul 16)
- Message not available
- Re[2]: A possible "new ?" DOS exploit with IE Danny Messano (Jul 16)
- RE: Re[2]: A possible "new ?" DOS exploit with IE Samuel Petreski (Jul 16)
- Re: Re[2]: A possible "new ?" DOS exploit with IE donge912 (Jul 19)
- Message not available
- Re: A possible "new ?" DOS exploit with IE Danny Messano (Jul 16)