Full Disclosure mailing list archives
Re: MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER
From: vh <vh () helith net>
Date: Wed, 12 Jan 2005 01:35:38 +0100
On Wed, 12 Jan 2005 06:52:04 +0800 "Team Pwnge" <team_pwn4ge () outgun com> wrote:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - TEAM PWN4GE Security Advisory PWNED- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: HIGH Title: EXPLORER: Vulnerability in all versions of Windows Explorer Date: January 11, 2005 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple overflows have been found in Windows Explorer, potentially allowing a remote user to open Explorer and run files remotely. Background ========== Windows Explorer is an advanced browsing tool made by Microsoft. It is used in daily tasks to open folders, copy files, delete files, rename files and view files on a system. It is the foundation of the World Wide Web and used by billions worldwide. It runs on an array of machines. Affected versions ================= All versions of Windows' Explorer are vulnerable Description =========== Shogun Suzuki discovered that a remote user can connect to any machine via numerous exploits and use Windows Explorer to view files, rename files, delete files, change permissions on files stored on a remote machine that has been pwned. Impact ====== A remote attacker could install something similar to PCAnywhere after exploiting Windows and use Windows' Explorer to view, copy and or open any file on a victims machine. Workaround ========== On a command prompt: del C:\WINDOWS\explorer.exe
Isn't explorer the program wich "shows" you the desktop? Just a clue: Use Open-, Net- or FreeBSD. These OSs are good enought for all normal tasks you've to do. Real Workaround: Change the OS There's no other way or you like to wait 5 months for a patch. You've to wait at least 4 weeks because MS don#t provide patches just because there's something critical. Oh no.. they've their "Patch-Day". Something like a game-show but even more worse because you don't get patches for all holes even you did everything right.
License ======= Copyright 2005 TEAM PWN4GE The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
Mails are FREE... But sometimes Linux-Users need licenses for everything... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER Team Pwnge (Jan 11)
- Re: MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER vh (Jan 11)
- Re: MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER Andrew Farmer (Jan 11)
- RE: MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER Paul Kurczaba (Jan 11)
- Re: MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER Kevin Reiter (Jan 11)
- Re: MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER Micheal Espinola Jr (Jan 11)
- Reality, humor, and history (was Re: MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER Valdis . Kletnieks (Jan 12)
- Re: Reality, humor, and history (was Re: MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER Stormwalker (Jan 12)
- Re: Reality, humor, and history (was Re: MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER Andrew Farmer (Jan 12)
- Re: Reality, humor, and history (was Re: MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER Dave Horsfall (Jan 13)
- Re: MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER Robert Hogan (Jan 12)
- Re: MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER Kevin Reiter (Jan 11)
- Re: MORE CRITICAL FLAWS IN MS WINDOWS EXPLORER Martin Allert (Jan 11)