Scanit Browser (IE 6.0) Security Test Released
Results 1 to 4 of 4

Thread: Scanit Browser (IE 6.0) Security Test Released

  1. #1
    () \/V |\| 3 |) |3\/ |\|3G47|\/3
    Join Date
    Sep 2002
    Posts
    744

    Scanit Browser (IE 6.0) Security Test Released

    I recieved some information today from Bugtraq for a release of a new browser vulnerability test. Try the test here.

    17 tests are performed.
    ------------------------------
    * Microsoft Internet Explorer Navigate Function Cross Frame Access Vulnerability
    * Microsoft Internet Explorer Temporary Internet Files Folder Disclosure Vulnerability
    * Microsoft Internet Explorer MIME Header "Content-Type: audio-x-wav" Attachment Execution Vulnerability
    * Microsoft Internet Explorer %00 Arbitrary File Execution Vulnerability
    * Microsoft Internet Explorer DYNSRC File Information Disclosure Vulnerability
    * Microsoft Internet Explorer Dialog Same Origin Policy Bypass Vulnerability
    * Microsoft Internet Explorer Content-Disposition Handling File Execution Vulnerability
    * Microsoft Internet Explorer Cookie Content Disclosure Vulnerability
    * Microsoft Internet Explorer OBJECT Tag Same Origin Policy Violation Vulnerability
    * Mozilla JavaScript URL Host Spoofing Arbitrary Cookie Access Vulnerability
    * Microsoft Internet Explorer %2f in URL Same Origin Policy Violation Vulnerability
    * Microsoft Internet Explorer Document Reference Zone Bypass Vulnerability
    * Microsoft Internet Explorer Iframe Document Property Cross Domain Scripting Vulnerability
    * Microsoft Internet Explorer document.write() Zone Bypass Vulnerability
    * Microsoft Internet Explorer IFRAME dialogArguments Cross-Zone Access Vulnerability
    * Microsoft Internet Explorer Dialog Style Same Origin Policy Bypass Vulnerability
    * Microsoft Internet Explorer Multimedia Page Cross-Site Scripting Vulnerability

    On the site you can read brief explanations about these vulnerabilities - I would suggest reading these. Also, if your AV/firewall is configured properly you should be immune to most of these. However, the site suggested running a test both with and without your AV/firewall, that way you can see the differences.

    When the test is complete (it only took a couple of minutes) you will be given a report with any detected vulnerabilities and information on how to repair them. Another nice thing about this test is that it's free, fast, you don't need to register, and there is no waiting for your results.

    Just a note -- when you click on 'start the test'.....make sure you read the little box of rules. A lot of windows and other things pop up during the test and these rules tell you what to do.

    Go Finland!
    Deviant Gallery

  2. #2
    Senior Member
    Join Date
    Jul 2001
    Posts
    420
    Cool site -Only 3 vulnerblities on work system (2 critical one medium) will test my home system (more important system;-) ) tonight.

    Cheers,
    -D

    <EDIT>

    Re-ran the test at home and have no vulernablities. Feeling good about that

    </EDIT>
    If you spend more on coffee than on IT security, you will be hacked. What\'s more, you deserve to be hacked.
    -- former White House cybersecurity adviser Richard Clarke

  3. #3
    () \/V |\| 3 |) |3\/ |\|3G47|\/3
    Join Date
    Sep 2002
    Posts
    744
    Yeah..it's a cool test. I like how quick it is. I think I had 1 critical and 2 low. I had my AV turned off but my firewall up. Glad you liked it!

    Go Finland!
    Deviant Gallery

  4. #4
    Senior Member
    Join Date
    Jan 2003
    Posts
    242
    1 critical and 1 low-thanks it was pretty interesting
    the only way to fix it is to flush it all away-tool

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •