VULHUB ™

Microsoft Security Advisory MS01-051 - Three dangerous vulnerabilities have been found in Internet Explorer 5.0. The first causes sites that have no dots in the IP address to run with less security restrictions. The second allows an attacker to include HTTP requests that would be sent to the site as soon as a connection is established, appearing to have originated from the user. The third is a variation of MS01-015 which affects only NT and 2000 machines running SFU 2.0, a version of telnet which allows session transcripts. An attacker could start a transcript and stream an executable on to the users drive. Microsoft FAQ on these issues available here.

Microsoft Security Advisory MS01-051 - Three dangerous vulnerabilities have been found in Internet Explorer 5.0. The first causes sites that have no dots in the IP address to run with less security restrictions. The second allows an attacker to include HTTP requests that would be sent to the site as soon as a connection is established, appearing to have originated from the user. The third is a variation of MS01-015 which affects only NT and 2000 machines running SFU 2.0, a version of telnet which allows session transcripts. An attacker could start a transcript and stream an executable on to the users drive. Microsoft FAQ on these issues available here.