Search This Blog

Tuesday, July 03, 2007

[NT] Internet Explorer Zone Domain Specification DoS and Page Suppressing

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html


- - - - - - - - -

Internet Explorer Zone Domain Specification DoS and Page Suppressing
------------------------------------------------------------------------


SUMMARY

A vulnerability in the way Internet Explorer handles Intranet and
Restricted Zones allows attacker to cause a denial of service attack
against the browser.

DETAILS

The vulnerability is present in handling of domain names with different
parameters [sub domains] when specified in the Intranet zone and
Restricted zone with different characters [* ,.]. The Internet Explorer
show weird behavior in opening of those websites.

The problem occurs in loading of those websites there by resulting in DoS
through the browser. The problem occurs in resolving domain names in
different zones by the explorer. It can be launched remotely by a
malicious attacker by exploiting this vulnerable behavior through a rogue
script and registry functions. The problem persists if rogue entries or
manipulated entries
are subjected into various zones.

So when a new instance of IE is loaded , the registry entries are
triggered up there by resulting in security impacts. The website page gets
suppressed. The page gets hanged for sometime , there by showing a delay
in loading of website and affects the CPU load.

Workarounds:
1. Avoid visiting untrusted Websites.
2. Script Restriction should be applied.


ADDITIONAL INFORMATION

The information has been provided by <mailto:zeroknock@secniche.org>
Aditya K Sood.

========================================


This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com


====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)