Internet Explorer URL Spoofing Vulnerability
Results 1 to 3 of 3

Thread: Internet Explorer URL Spoofing Vulnerability

  1. #1
    Senior Member
    Join Date
    May 2003
    Posts
    159

    Internet Explorer URL Spoofing Vulnerability

    Hi All,

    Although the criticality is ranked moderate... I guess it is a far more serious threat......

    I guess we are just witnessing the start of Browser based attacks ......

    LINK

    CVE reference: CAN-2003-1025

    Description:
    A vulnerability has been identified in Internet Explorer, which can be exploited by malicious people to display a fake URL in the address and status bars.

    The vulnerability is caused due to an input validation error, which can be exploited by including the "%01" and "%00" URL encoded representations after the username and right before the "@" character in an URL.

    Successful exploitation allows a malicious person to display an arbitrary FQDN (Fully Qualified Domain Name) in the address and status bars, which is different from the actual location of the page.

    This can be exploited to trick users into divulging sensitive information or download and execute malware on their systems, because they trust the faked domain in the two bars.

    Example displaying only "http://www.trusted_site.com" in the two bars when the real domain is "malicious_site.com":
    http://www.trusted_site.com%01%00@ma...malicious.html

    A test is available at:
    http://www.secunia.com/internet_expl...spoofing_test/

    The vulnerability has been confirmed in version 6.0, and version 5.x is also affected according to Microsoft's knowledge base article.

    NOTE: This vulnerability is currently being exploited on the Internet via scam emails!

    Solution:
    Apply patches manually or via WindowsUpdate.

    Internet Explorer 6 Service Pack 1:
    http://www.microsoft.com/downloa...-...displaylang=en

    Internet Explorer 6 Service Pack 1 (64-Bit Edition):
    http://www.microsoft.com/downloa...-...displaylang=en

    Internet Explorer 6 for Windows Server 2003:
    http://www.microsoft.com/downloa...-...displaylang=en

    Internet Explorer 6 for Windows Server 2003 (64-Bit Edition):
    http://www.microsoft.com/downloa...-...displaylang=en

    Internet Explorer 6:
    http://www.microsoft.com/downloa...-...displaylang=en

    Internet Explorer 5.5 Service Pack 2:
    http://www.microsoft.com/downloa...-...displaylang=en

    Internet Explorer 5.01 Service Pack 4:
    http://www.microsoft.com/downloa...-...displaylang=en

    Internet Explorer 5.01 Service Pack 3:
    http://www.microsoft.com/downloa...-...displaylang=en

    Internet Explorer 5.01 Service Pack 2:
    http://www.microsoft.com/downloa...-...displaylang=en


    NOTE: The patches fix the vulnerability by removing support for usernames and passwords in URLs.

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    Old news dude. Look at the release date:

    Secunia Advisory: SA10395
    Release Date: 2003-12-09
    Last Update: 2004-02-02
    The last update is probably because MS took a while to patch this one.

    Edit: The original thread can be found here
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #3
    Senior Member
    Join Date
    May 2003
    Posts
    159
    I am sorry.... for repeating the thread... I possible kindly delete the post......

    Thanx for bringing it to my notice... Shall be careful in future......
    ****** Any man who knows all the answers most likely misunderstood the questions *****

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •