Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: SUPER SPOOF DELUXE Re: [Full-Disclosure] Microsoft and Security

SUPER SPOOF DELUXE Re: [Full-Disclosure] Microsoft and Security

From: <http-equiv_at_excite.com>
Date: Tue, 29 Jun 2004 18:41:11 -0000

>Here's a quick and dirty demo injecting malware.com into
>windowsupdate.microsoft.com :)

>http://www.malware.com/targutted.html

Thomas Kessler was kind enough to inform that this is not new,
but in fact on old "issue" with Internet Explorer which by all
accounts was supposed to be "patched" back in 1998[?]:

Microsoft Security Program: Microsoft Security Bulletin (MS98-
020) Patch Available for 'Frame Spoof' Vulnerability

http://www.microsoft.com/technet/security/bulletin/ms98-020.mspx

Quite clearly this contraption known as Internet Explorer is
just broken. It's oozing pus from every pore at this stage.

If indeed the issues are the exact same.

You'd better wipe hands of it anyway.

We give up. 

-- 
http://www.malware.com
Received on Jun 30 2004
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos