Text only | Text with Images

Twisted DIRT Forums

MX vs ATV (and prior MX games) Forum => General Discussion MVA => Topic started by: Fixer on November 20, 2006, 04:35:42 PM

Title: MCM Factory Intrusion
Post by: Fixer on November 20, 2006, 04:35:42 PM
Good looking track!. I was a lttle surprised though when I visited mcmfactory and got this:

Topic split from: MXA new Track , buBBa Motocross Park Kawasaki
http://dirttwister.com/smf/index.php?topic=1911.from1164046808;topicseen#msg18690

(http://www.twisteddirt.com/fixer/Factory_Intrusion.jpg)

Added this:
HTTP MSIE Content Type BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects a denial of service vulnerability in Microsoft Internet Explorer.

Additional Information

Microsoft Internet Explorer is prone to a denial-of-service vulnerability.

This issue is triggered when an attacker convinces a victim user to visit a malicious website. Specifically, the vulnerability presents itself when the browser processes excessively large 'Content-Type' HTTP response headers consisting of more than approximately 1M bytes. An attacker can trigger a stack-overflow exception.

This crash reportedly occurs due to a flaw in the 'wininet.dll' library.

A successful attack can cause Microsoft Internet Explorer to crash, effectively denying service to legitimate users.

Specific information regarding affected Internet Explorer packages is not currently available. This BID will be updated as further information is disclosed.

Affected:

Microsoft Internet Explorer 7.0 beta1, 7.0 beta2, 7.0 beta3, 5.0, 5.0.1, 5.0.1 SP1, 5.0.1 SP2, 5.0.1 SP3, 5.0.1 SP4, 5.5, 5.5 SP1, 5.5 SP2, 6.0, 6.0 SP1, 6.0 SP2

Response

Ensure that all patches available for Microsoft Internet Explorer have been applied.

Possible False Positives

There are no known cases of false positives associated with this signature.
Title: MXA new Track , buBBa Motocross Park Kawasaki
Post by: Bulldog on November 20, 2006, 05:24:30 PM
Isn't that neat!  ::)
Title: MXA new Track , buBBa Motocross Park Kawasaki
Post by: VRT_JPRLisbon_ on November 20, 2006, 06:04:30 PM
Thanks.

A friend of me have that with mcmfactory since some weeks ago , every time he go to factory  norton block the site , not a problem with just my track link , its with all factory links and home site , i wonder whats going on with mcmfactory site ??  :(
Title: MXA new Track , buBBa Motocross Park Kawasaki
Post by: tk_madmac0 on November 20, 2006, 07:05:44 PM
Thanks JPR for emailing me with a link to this thread. I haven't been able to see the same warning in IE7, but will look into it today. That's definitely not a good look!

Cheers for now,
tk_madmac
Title: Re: MCM Factory Intrusion
Post by: Fixer on November 20, 2006, 08:12:33 PM
I split the topic so it wouldn't ruin the original topic.
Text only | Text with Images