Interesting... I was trying to determine if the shell: exploit could be
used to execute remote code on a known web server but hadn't approached
it from the SMB angle.
The obvious mitigating factor for this exploit is that someone would
need to have prior knowledge of which SMB shares had been
Barry Fitzgerald [EMAIL PROTECTED] said:
Interesting... I was trying to determine if the shell: exploit could be
used to execute remote code on a known web server but hadn't approached
it from the SMB angle.
the credit also goes to MALWARE and Cheng Peng Su who found SHELL-protocol URL
SUBJ: MOZILLA: SHELL can execute remote EXE program
DATE: 2004/07/09
FROM: Liu Die Yu liudieyu AT umbrella D0T name
[START] Advisory
COPYRIGHT
-
This Advisory is