Microsoft IE Dotless IP Zone Spoofing

2001-10-10T00:00:00
ID OSVDB:1971
Type osvdb
Reporter Michiel Kikkert(security@kikkert.nl)
Modified 2001-10-10T00:00:00

Description

Vulnerability Description

Microsoft Internet Explorer contains a flaw related to the way dotless IP addresses are classified with respect to their security zone. This flaw may allow an attacker to have Internet Explorer interpret a site of the Internet security zone as a site of the Intranet security zone and therefore execute in a context of lower security.

Technical Description

Any web site accessed via a dotless IP address is interpreted as a site of the Intranet security zone.

Solution Description

Microsoft has released a patch to address this issue. Additionally, it is possible to correct the flaw by implementing the following workaround(s): increase the security settings of the Intranet security zone to match the security settings of the Internet security zone.

Short Description

Microsoft Internet Explorer contains a flaw related to the way dotless IP addresses are classified with respect to their security zone. This flaw may allow an attacker to have Internet Explorer interpret a site of the Internet security zone as a site of the Intranet security zone and therefore execute in a context of lower security.

References:

Microsoft Security Bulletin: MS01-051 Microsoft Knowledge Base Article: 306121 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2001-10/0075.html Keyword: aka the "Zone Spoofing vulnerability" ISS X-Force ID: 7258 Generic Informational URL: http://morph3us.org/blog/?p=31 CVE-2001-0664 Bugtraq ID: 3420