Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:574
HistoryAug 22, 2000 - 12:00 a.m.

Re: BrownOrifice can break firewalls! NOW MSIE

2000-08-2200:00:00
vulners.com
12
JSON

Hi,

The same security hole, exists in MSIE too, with one restriction: url can't
start with file:. But still the applet from outside site, can access you
intranet servers including ftps and ALL sites you have access to. The
demonstration of the bug is here:

http://www.oltres.com/ms-bug/

Thanx, Alexey.

PS: The applet was tested on WinNT 4.0sp5 with Internet Explorer both 5 and 5.5
versions.

JSON