[CrackMonkey] They plug one, and another opens.

Nick Moffitt nick at zork.net
Thu Mar 16 22:15:56 PST 2000


----- Forwarded message -----

From: Tima <Tima at au.ru>
Sender: Bugtraq List <BUGTRAQ at SECURITYFOCUS.COM>
To: BUGTRAQ at SECURITYFOCUS.COM
Subject: For those who installed Decon fix for con/con vulnerability
Date:         Thu, 16 Mar 2000 19:08:21 +0300

If you had con problem and installed Decon fix, you are now vulnerable
to another win 95(possibly)/98(tested) crash which is worse than the
previous.

Software affected : All versions of Microsoft Internet Explorer (It
doesn't work in Netscape Navigator)

Actual problem :
Type existing server in address box, and then request for nonexistent
file with name >300 symbols. After server sends reply to the browser
your system stops responding at all, Control+Alt+Del work but you
won't see the box with tasks running so only thing you can do is
REBOOT.
Somebody can deface some good website and create a redirect with 0
seconds waiting to such link.

Example : http://www.amsouth.com/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa.html

Fix : Delete Decon fix from startup folder :) Now you are vulnerable
to con/con.

Hello to Cre at tor

Speedo                          mailto:Tima at au.ru

----- End forwarded message -----

-- 
CrackMonkey.Org - Non-sequitur arguments and ad-hominem personal attacks
LinuxCabal.Org  - Co-location facilities and meeting space 
Pigdog.Org      - The Online Handbook for Bad People of the Future
                You are not entitled to your opinions.





More information about the Crackmonkey mailing list