Security Basics mailing list archives
Re: A possible "new ?" DOS exploit with IE
From: Danny Messano <danny () logicalcomputing net>
Date: Wed, 14 Jul 2004 18:49:20 -0400
I noticed it if you install Outlook, then install another client and make it the default, and click a mailto, it does the same thing. I haven't actually checked the registry to see what keys are missing or changed.

Danny Messano

Tuesday, July 13, 2004, 7:27:05 PM, you wrote:

CP> Hi,
CP> I'm new in security. By tuning my Windows 2000 system to remove all
CP> undesired and "dangerous" URL protocol handlers (like telnet:), I discovered
CP> a strange behavior with IE. To begin, I have Windows 2000 Pro SP4 + actual
CP> hotfixes and IE SP1 + actual hotfixes installed. What I did that caused the
CP> problem is to remove the value named "URL Protocol" in the registry key
CP> "HKEY_CLASSES_ROOT\mailto". I did it to prevent malicious HTML pages from
CP> launching many new email message windows with the use of image tags (<IMG>)
CP> or something else. After I removed this value, I ran "mailto:" from
CP> Start->Run. Nothing was happening, but after some seconds, multiple IE
CP> windows were launched in an infinite loop. I don't think it's exploitable
CP> unless the destination system has this value removed from the registry, but
CP> I'm not sure.

CP> Claude Petit

--
Best regards,
Danny Messano
Owner
Logical Computing
http://www.logicalcomputing.net
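An added example, not part of the original posts: a PowerShell audit that lists the scheme keys under HKEY_CLASSES_ROOT and flags any that still carry an open command but have lost the "URL Protocol" value, which is the state described in the quoted message. The function name, the watch list and the "HalfRegistered" heuristic are assumptions made for this sketch.

```powershell
# Added example: audit URL protocol handler registrations under HKEY_CLASSES_ROOT.
# A scheme is normally registered as HKCR\<scheme> with a value named "URL Protocol",
# a default value of the form "URL:<description>", and a shell\open\command subkey.
function Get-UrlProtocolHandlerState {
    [CmdletBinding()]
    param(
        # Schemes always reported, even if they no longer look like handlers
        # (assumed watch list, taken from the schemes named in the thread).
        [string[]]$WatchList = @('mailto', 'telnet')
    )

    $root = [Microsoft.Win32.Registry]::ClassesRoot
    foreach ($name in $root.GetSubKeyNames()) {
        $key = $null
        try { $key = $root.OpenSubKey($name) } catch { continue }   # unreadable key: skip
        if ($null -eq $key) { continue }
        try {
            $default   = [string]$key.GetValue('')                   # "(Default)" value
            $hasMarker = $key.GetValueNames() -contains 'URL Protocol'
            $looksLikeScheme = $default -like 'URL:*'
            if (-not ($hasMarker -or $looksLikeScheme -or ($WatchList -contains $name))) {
                continue                                             # ordinary class key
            }

            $command = $null
            $cmdKey  = $key.OpenSubKey('shell\open\command')
            if ($cmdKey) {
                $command = [string]$cmdKey.GetValue('')
                $cmdKey.Close()
            }

            [pscustomobject]@{
                Scheme              = $name
                HasUrlProtocolValue = $hasMarker
                Description         = $default
                OpenCommand         = $command
                # Heuristic (assumption): a command is still registered but the
                # "URL Protocol" marker value is gone.
                HalfRegistered      = (-not $hasMarker) -and [bool]$command
            }
        } finally { $key.Close() }
    }
}

Get-UrlProtocolHandlerState |
    Sort-Object HalfRegistered -Descending |
    Format-Table Scheme, HasUrlProtocolValue, HalfRegistered, OpenCommand -AutoSize
```

The script only reads the registry. Rows with HalfRegistered set to True are the ones to review before deciding whether to restore the value or remove the whole scheme key.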