Hello, How we can detect scripting attacks passing via a network sensor?
http://www.heise.de/ct/browsercheck/e5demo12.shtml because the link is in German I will try to translate Prepared web site formats hard disk thanks to IE By usage of different security gaps in Microsoft's Internet Explorer turns out well over a web site prepared correspondingly to execute arbitrary programs on strange computers. The Internet Explorer divides web sites up into two categories, web pages belong to the "Internet zone", local intranet sides are classed with the "local computer zone". The latter have less restrictive safety attitudes. It have been known the possibility to penetrate and to execute programs there via "Internet zone" to the "local computer zone" since long. Andreas Sandblad, has managed to use this so-called Cross site scripting hole in the Windows help and to execute commands with parameter hand-off on the victim PC - devastating commands like format or deltree. In accordance with Sandblad the Internet Explorer 6 is susceptible to this gap with the current Patches. The online magazine Heise.de tested the script also with the "unpatched" IE 6 just like with the IE 5.5, "patched" or "unpatched". The attack could be executed successfully at each of these versions. You can check your browser on the Heise side. In accordance with Sandblad Microsoft was already informed about the problem on October 4t, till now, the software giant, however, hasn't reacted, the possibility programs with parameters from this one, to execute "local computer zone" is no security gap, MS finally argued. At present it is the deactivation of "Active Scripting" the only possibility to avoid the danger. Thanks George _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo
