ïw¤ÎBlog
来源: BlogBus 原始链接: http://www.blogbus.com:80/blogbus/blog/diary.php?diaryid=479563 存档链接: https://web.archive.org/web/20041130054011id_/http://www.blogbus.com:80/blogbus/blog/diary.php?diaryid=479563
ïw¤ÎBlog ÃΣ¬·ÉÆðµÄµØ·½ <<<¡°ÖØÒªÎļþ¡±²¡¶¾ÏÖÉí ±ð´ò¿ª¿ÉÒÉÓʼþ | Ê×Ò³ | iptablesDoS.c>>> 2004-11-05 20:57 ±±¾©Ê±¼ä11ÔÂ4ÈÕ£¬ÃÀ¹ú¼ÆËã»úÓ¦¼±ÏìӦС×é(US-CERT)·¢²¼°²È«¾¯¸æ£¬ÔÚIEä¯ÀÀÆ÷ÖдæÔÚÒ»¸öÑÏÖصݲȫ©¶´£¬ÈëÇÖÕß¿ÉÒÔÀûÓÃHTMLµç×ÓÓʼþÐÅÏ¢»ò¶ñÒâÍøÒ³ ¿ØÖÆÄ¿±ê¼ÆËã»úϵͳ¡£°²È«Ñо¿ÈËÔ±±íʾ£¬ÓÉÓÚÀûÓôúÂëÒѾÔÚ¹«¿ªÓʼþÁбíÉÏ·¢²¼£¬Òò´ËÕâһ©¶´µÄΣÏÕÐÔÌرð¸ß¡£ ¸ù¾ÝÃÀ¹ú¼ÆËã»úÓ¦¼±ÏìӦС×é·¢²¼µÄ¹«¸æ£¬µ±IE´¦Àí¡°frame¡±ºÍ¡°iframe¡±HTMLÔªËØ(HTML elements)µÄÁ½ÖÖÊôÐÔʱ¾Í¿ÉÄÜ»á³öÏÖ»º³åÇøÒç³ö£¬Ð·¢ÏÖµÄIE©¶´ÕýÊÇÀûÓÃÁËÕâÒ»µã¡£ Ñо¿ÈËÔ±±íʾ£¬µ±Óû§Ê¹ÓÃÒ»¸ö´æÔÚ©¶´µÄIE°æ±¾·ÃÎʶñÒâÍøÒ³»òʹÓÃOutlook¡¢Outlook Express¡¢AOLÒÔ¼°Lotus NotesµÈÒÀÀµÓÚWebBrowser ActiveX¿Ø¼þµÄÈí¼þ²é¿´HTMLµç×ÓÓʼþʱ£¬¶¼ÓпÉÄÜ»áÊܵ½¹¥»÷¡£ Secunia°²È«¹«Ë¾Ðû²¼£¬Ä¿Ç°ÒѾȷ¶¨£¬Windows XP SP1¼´Ê¹°²×°ÁËËùÓеIJ¹¶¡£¬ËüËù´øµÄIE 6.0ä¯ÀÀÆ÷ÈÔÈ»´æÔÚÕâһ©¶´£¬¶øÔÚ°²×°ÁËËùÓв¹¶¡µÄWindows 2000ÉÏʹÓõÄIE 6.0ä¯ÀÀÆ÷Ò²²»ÄÜÐÒÃ⡣Ŀǰ΢Èí»¹Ã»Óз¢²¼Ïà¹ØµÄ°²È«²¹¶¡¡£²»¹ý°²×°ÁËWindows XP SP2µÄϵͳ¾Í²»´æÔÚÕâһ©¶´£¬Õâ±íÃ÷΢ÈíÔÚ°²È«·½ÃæµÄŬÁ¦ÒѾÊÕµ½ÁËÒ»¶¨µÄ³ÉЧ¡£ ³ýÁË°²×°Windows XP SP2£¬ÏµÍ³¹ÜÀíÔ±»¹¿ÉÒÔ½ûÓû½Å±¾(active scripting)×èÖ¹·ÃÎÊ·ÇÖ÷¶¯Á´½Ó£¬ÒÔ¼°ÔÚµç×ÓÓʼþÖÐʹÓô¿Îı¾£¬ÕâÑùÒ²¿ÉÒÔ¼õÉÙ²¿·ÖΣÏÕÐÔ¡£´ËÍ⣬¼°Ê±¸üз´²¡¶¾Èí¼þµÄ²¡¶¾¿âÒ²¿ÉÒÔÆðµ½Ò»¶¨µÄ·À»¤×÷Óᣠ©¶´ÏêϸÄÚÈÝÇë²é¿´£º http://www.blogbus.com/blogbus/blog/diary.php?diaryid=474820 bamb00 @ 2004-11-05 20:57 ·µ»ØÒ³Ê× | ÆÀÂÛ | ÒýÓÃ(0) | ±à¼ ÆÀÂÛ ·¢±íÆÀÂÛ ×îÐÂÎÄÕ SLmail 5.x POP3 Remote Pass Buffer Overflow Exploit Apache <= 2.0.52 HTTP GET Remote Denial of Service Exploit Ç÷ÊƿƼ¼½«·¢²¼Ð¿îÇ÷ÊƿƼ¼ÍøÂ粡¶¾Ç½ VeriSign³Æ£º90%ÍøÂç¹¥»÷À´×ÔÃÀ¹ú¿í´øÓû§ UBB.Threads 6.2.-6.3. one char bruteforce Exploit Multiple Antivirus Products Virus Detection Bypass PoC Exploit Eudora 6.2 Remote Attachment Spoofing Proof of Concept IPSwitch-IMail 8.13 Delete Command stack overflow Exploit Kerio Personal Firewall Multiple IP Options Denial of Service PoC NetNote Server v2.2 build 230