Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: MS06-042: Internet Explorer Rollup Patch - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MS06-042: Internet Explorer Rollup Patch
MS06-042  (CRITICAL)

The usual monthly set of fixes for recently discovered Internet Explorer vulnerabilities. Exposing Internet Explorer to malicious HTML code could allow an attack to execute arbitrary code. Vulnerabilities like this are freuntly used by "drive by downloads" to install spyware, adware and bots.

Three of the vulnerabilities have been disclosed publically:
- CVE-2006-3280 (Redirect Cross-Domain Information Disclosure).
- CVE-2006-3637 (HTML Rendering Memory Corruption Vulnerability)
- CVE-2004-1166 (FTP Server Command Injection Vulnerability).

In particular note the date (2004!) of the FTP server command injection vulnerablity. Exploiting this vulnerability is rather easy and exploits have been available back in December of 2004. The attacker would have to include an 'ftp://' URL which includes a URL encoded newline character (Newline=%0a). It is also important to note that the KDE web brower (konqueror) had the same issue.

A well crafted exploit for the FTP vulnerability would not require any user interaction beyond exposing the browser to malicious code. A compromissed web server, banner ads or image tags in public web sites could be used to trigger this vulnerability.

Urgency:
Client: HIGH! Apply patch after expedited testing.
Server: Low. Apply patch after exhaustive testing.








I will be teaching next: Intrusion Detection In-Depth - SIEM Summit & Training 2019

Johannes

3631 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!