Ref: Kip Sr. <[EMAIL PROTECTED]>'s
message dated 8 Mar 2002, 9:48 hours.
>After the page is loaded, the client performs a POST
>to <http://activex.microsoft.com/objects/ocget.dll>,
>which is used to load an ActiveX control within the
>web page.
>
>This address is actually stored in the registry under
>HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\CodeBaseSearchPath
On my Windows 98 system this specific key does not exist nor any like it. :-(
But then I run IE v5.01 SR-2 which is not supposedly vulnerable. :-)
>
>This key contains:
>CODEBASE;<http://activex.microsoft.com/objects/ocget.dll>;<http://codecs.microsoft.com/isapi/ocget.dll>
>
>Removing the initial CODEBASE keyword prevents users
>from downloading any ActiveX code from the Internet. I
>removed the whole line and the problem is gone.
>
>Thanks,
>Bart
>
Something that might interest some came in today from SIMTEL:
Category: WinME / Win98 / Win95 / Improve computer security
more programs by Privacy Software Corporation
Website: http://www.nsclean.com/dsostop.html
Program Name: DSOstop, Version 1.00.000
File Name: dsostop.exe
Downloads: 21 since 03/07/2002
Ware Type: Freeware
System: Win95,Win98,WinME,WinNT 3.x,WinNT 4.x,WinXP,Windows2000
File Size: 45568
File Date: 2002-03-06 16:54:00
Description: Stops the data sources object exploit
The "DSO Exploit" (Data Source Object) was first reported by GreyMagic Software of
Israel on February 27, 2002 and a "workaround" for Microsoft's defective code was
provided by Axel Pettinger and Garland Hopkins on March 3, 2002 involving
the editing of the Windows registry to alter values contained within
Internet Explorer's Internet Zones configurations. Because many computer
users are extremely nervous (and justifiably so) about manually editing the
Windows registry, owing to years of warnings and advisories as to the
dangers of editing the registry, Privacy Software has provided this FREE
utility to safely do it for those who do not feel confident running and
editing "Regedit." We have provided this software to the general public to
solve a problem since no one else has stepped up to the plate to solve a
serious problem as of the time of this release.
Our free DSOstop software will permit you to protect yourself without
the need to pay a "resident geek" to fix Microsoft's problem for you. Simply
run the program we provide, and it will check your registry to see if the
existing settings are unsafe. If so, you will be advised to click the button
on the next screen marked "Protect Internet Explorer". If you do so, then
DSOstop will change the registry settings for you automatically and then
you'll be protected from this exploit. If you choose "UNprotect internet
Explorer" instead, those changes will be removed. Selecting this option will
restore your PRIOR settings should Microsoft provide a patch.
>
>I think you are mistaken. Javascript can display
>directory contents to the client browser, but not
>transmit that info back to the server. Unless I am
>mistaken ;)
>On Wed, 6 Mar 2002, ruler wrote:
>_There are also sites that will let you view all of your directory trees,
>_which a server could easily see all of your files. Which do you think is
>_more scary?
>_----- Original Message -----
>_From: leon <[EMAIL PROTECTED]>
>_To: <[EMAIL PROTECTED]>
>_Sent: Tuesday, March 05, 2002 12:30 PM
>_Subject: scary site
>_
>_
>_> -----BEGIN PGP SIGNED MESSAGE-----
>_> Hash: SHA1
>_>
>_> http://www.liquidwd.freeserve.co.uk/
>_>
>_>
>_> Try it with a windows machine and IE with all patches.
>_>
>_> Be afraid be very afraid.
>_>
>_> FYI this is for all those people who think that just having a
>_> firewall is enough.
>_>
>_> Guess what?
>_>
>_> This works through packet filter, stateful inspection and proxy
>_> servers.
>_>
>_> Cheers,
>_>
>_> Leon
>_>
Enjoy!
--
Richard H. Cotterell <mailto:[EMAIL PROTECTED]>
________________________________________________________________________________
You can tell whether a man is clever by his answers. You can
tell whether a man is wise by his questions.
-Naguib Mahfouz (b. 1911), Egyptian writer, winner of 1988 Nobel
Prize for literature.
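
An added example, not part of the original message or thread: a small Python audit of the CodeBaseSearchPath value discussed above. It assumes the format Microsoft documents for Internet Component Download (semicolon-separated entries, each either the keyword CODEBASE, standing for the location named by the page itself, or a search-server URL in angle brackets); the function names are illustrative.

```python
import re

# Assumption: entries are ';'-separated, either CODEBASE or <url>.
KEY = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings"
VALUE = "CodeBaseSearchPath"

def read_search_path():
    """Read the live value on Windows; returns None if it is absent."""
    import winreg  # Windows-only, imported lazily so the parser runs anywhere
    try:
        with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, KEY) as key:
            return winreg.QueryValueEx(key, VALUE)[0]
    except FileNotFoundError:
        return None

def parse_search_path(value):
    """Split the value into ordered (kind, text) entries."""
    entries = []
    for raw in value.split(";"):
        item = raw.strip()
        if not item:
            continue
        url = re.fullmatch(r"<(.*)>", item)
        if item.upper() == "CODEBASE":
            entries.append(("keyword", "CODEBASE"))
        elif url:
            entries.append(("url", url.group(1).strip()))
        else:
            entries.append(("unknown", item))
    return entries

def audit(value):
    """Summarise where component download may look for code."""
    entries = parse_search_path(value or "")
    return {
        "page_codebase_honoured": ("keyword", "CODEBASE") in entries,
        "search_servers": [t for kind, t in entries if kind == "url"],
        "unparsed": [t for kind, t in entries if kind == "unknown"],
    }

# Constructed samples: the value quoted in the thread, and the same value
# with only the leading CODEBASE keyword removed.
QUOTED = ("CODEBASE;<http://activex.microsoft.com/objects/ocget.dll>;"
          "<http://codecs.microsoft.com/isapi/ocget.dll>")
KEYWORD_REMOVED = QUOTED.split(";", 1)[1]

if __name__ == "__main__":
    for label, v in (("quoted", QUOTED), ("keyword removed", KEYWORD_REMOVED), ("deleted", None)):
        print(label, audit(v))
```

With only the keyword removed the audit still lists both ocget.dll servers in the search path; with the value deleted it lists none.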