More sad news, so take care all users of IE explorer


Shown as seen

from Secunia Security Advisories [sec-adv@secunia.com]

Internet Explorer Security Zone Bypass and Address Bar Spoofing Vulnerability

SECUNIA ADVISORY ID:
SA11830

VERIFY ADVISORY:
http://secunia.com/advisories/11830/

CRITICAL:
Moderately critical

IMPACT:
Security Bypass, Spoofing

WHERE:
From remote

SOFTWARE:
Microsoft Internet Explorer 6

DESCRIPTION:
bitlance winter has reported a vulnerability in Internet Explorer (IE), allowing malicious people to bypass security zones or conduct phishing attacks.

The vulnerability is caused due to an error within the handling of URLs, which may cause IE to view a web site in context of another less secure security zone than intended.

Example:
http://[trusted_site]%2F%20%20%20.[malicious_site]/

Successful exploitation may allow a web page to be displayed in context of another domain e.g. in the "Trusted sites" or "Local intranet" security zones. However, a malicious web site's domain has to support wildcard DNS and accept invalid values in the "Host:" header.

The issue can also be exploited to potentially trick users into supplying sensitive information to a malicious web site, because information displayed in the address bar can be constructed in a certain way. This may lead users to believe that they're visiting another web site than the displayed web site.

The vulnerability has been confirmed on a fully patched Windows XP system with IE 6.0. Other versions may also be affected.

NOTE: The vulnerability may present a greater risk on systems, where predictable domains are in the "Trusted sites" zone. This can also be combined with other unfixed vulnerabilities to bypass mitigating steps, where Active Scripting has been disabled for all zones but "Trusted sites".

SOLUTION:
Set the security level for all zones to "High" in Internet Explorer.
This will impair functionality on many web sites.

Don't follow links from untrusted sources, but input URLs manually in the address bar.

Use another browser.

PROVIDED AND/OR DISCOVERED BY:
bitlance winter

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help everybody keep their systems up to date against the latest vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Regards from the Blues man
frederik
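An added example, not part of the post above and not Secunia's or the reporter's code, that turns the advisory's URL pattern into a defensive check. It percent-decodes the host part of a URL, flags any host that contains characters no DNS name can hold (such as the slash and spaces in the advisory's example), and reports the name on the left that a viewer sees next to the name on the right that a wildcard DNS zone would actually answer for. A strict zone lookup refuses to classify such hosts, and the same check is run over a few constructed proxy-style log lines. All host names, log lines and the trusted-host set are assumed placeholders; nothing is resolved or fetched.

```python
"""Detect the host-within-a-host URL pattern described in the advisory above.

Added example, not Secunia's or the advisory author's code. Every host name,
log line and trusted-zone entry below is a constructed placeholder.
The checks are string-only: nothing is resolved or fetched."""
import re
from urllib.parse import urlsplit, unquote

# Characters allowed in a DNS host name (letters, digits, dot, hyphen).
_HOST_CHARS = re.compile(r"^[a-z0-9.-]+$")
_ILLEGAL_RUN = re.compile(r"[^a-z0-9.-]+")
_URL_IN_LINE = re.compile(r"https?://\S+")


def analyse_host(url: str) -> dict:
    """Describe how the host part of ``url`` reads before and after decoding.

    apparent_host  - the leftmost valid host text, i.e. what a reader (or a
                     zone lookup done on the raw, still-encoded string) sees.
    effective_host - the rightmost valid host text after percent-decoding,
                     i.e. the name a wildcard DNS zone would actually answer for.
    suspicious     - True when decoding exposes characters such as '/' or ' '
                     that can never be part of a real host name.
    IPv6 literals ([...]) are not handled; this is a demonstration, not a full parser.
    """
    netloc = urlsplit(url).netloc
    host = netloc.rsplit("@", 1)[-1].split(":", 1)[0]   # drop userinfo and port
    decoded = unquote(host).lower()
    if _HOST_CHARS.match(decoded):
        return {"apparent_host": decoded, "effective_host": decoded, "suspicious": False}
    runs = [r.strip(".") for r in _ILLEGAL_RUN.split(decoded)]
    runs = [r for r in runs if r]
    return {
        "apparent_host": runs[0] if runs else "",
        "effective_host": runs[-1] if runs else "",
        "suspicious": True,
    }


def classify_zone(url: str, trusted_hosts: set) -> str:
    """Strict zone assignment: a host that fails validation never gets a trusted zone."""
    info = analyse_host(url)
    if info["suspicious"]:
        return "untrusted (malformed host)"
    return "trusted" if info["effective_host"] in trusted_hosts else "internet"


def scan_log(lines) -> list:
    """Return (line_number, apparent_host, effective_host) for every suspicious URL."""
    hits = []
    for n, line in enumerate(lines, 1):
        for url in _URL_IN_LINE.findall(line):
            info = analyse_host(url)
            if info["suspicious"]:
                hits.append((n, info["apparent_host"], info["effective_host"]))
    return hits


# Constructed proxy-style log lines (not real traffic).
SAMPLE_LOG = [
    "2004-06-08T10:00:01 GET http://intranet.example/portal/ 200",
    "2004-06-08T10:00:07 GET http://intranet.example%2F%20%20%20.evil-wildcard.example/login 200",
    "2004-06-08T10:00:09 GET http://user:pw@intranet.example:8080/app 302",
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print("line %d: looks like %s, actually served by %s" % hit)
    print(classify_zone(SAMPLE_LOG[1].split()[2], {"intranet.example"}))
```

The decisive design choice is that validation happens on the decoded host and a failure is treated as "not trusted" rather than as a parse error to work around: a URL that needs a percent-encoded slash or space inside its host part has no legitimate reading, so a proxy or log review can drop or flag it outright instead of guessing which of the two embedded names the user meant.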