diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)

Mar112008

Another Internet Explorer FTP flaw

A flaw in the way Microsoft’s Internet Explorer browser processes FTP commands could let attackers steal or erase data from a victim’s FTP site.

The bug, which affects users of IE 6 and the unsupported IE 5 browser, gives an attacker a way of hijacking the victim’s FTP sessions. But a successful attack would be very hard to pull off and would only work in very precise, targeted attacks, security experts said.

The attacker would need to know the victim’s username on the FTP server and the victim would have to already be logged into the server, using IE. Under those conditions, the victim could be sent a malicious FTP link that would then execute commands on the victim’s FTP server.

View: Rapid7 Security Advisory |  Full Article

Internet Explorer, IE, Vulnerability, Flaw, FTP, Exploit

Share This Story, Choose Your Platform!