SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   NeoBook Vendors:   NeoSoft Corp.
NeoSoft NeoBook Content Authoring System Allows Remote Users to Execute Code When Malicious Content is Viewed
SecurityTracker Alert ID:  1005644
SecurityTracker URL:  http://securitytracker.com/id/1005644
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Nov 16 2002
Impact:   Execution of arbitrary code via network, User access via network

Version(s): 4
Description:   A vulnerability was reported in NeoSoft's NeoBook authoring software. A remote user can execute malicious code on a target user's computer.

It is reported that a remote user can create malicious code in a NeoBook project package so that, when the project is viewed by a target user, malicious code will execute on the target user's computer.

According to the report, the 'NBActiveX.ocx' ActiveX control (used with NeoBook to execute programs on Windows-based systems) can silently execute malicious code. A remote user can create NeoBook content in 'Distribution Mode' containing malicious code. NeoBook will include the vulnerable ActiveX control as part of the project file. So, when a target user downloads the NeoBook content, the ActiveX component will be installed and the malicious code will execute on the target user's computer.

Impact:   A remote user can create malicious content that, when loaded, will execute arbitrary commands on a target user's computer.
Solution:   No solution was available at the time of this entry. The author of the report indicates that you can disable ActiveX scripting on Internet Explorer to avoid this flaw.
Vendor URL:  www.neosoftware.com/nbw.html (Links to External Site)
Cause:   Access control error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  NBActiveX Sure ActiveX Big Vulnerability


*******************************
Lorenzo Hernandez garcia-hierro
Webmaster of LORENZOHGH.COM
*******************************
NBActiveX Sure ActiveX New Vulnerability

Dear firends,

INTODUCTION
This vulnerability is an important failure because the malicious code writed 
in NeoBook 4 can be executed out of permission and silent. NBActiveX.ocx is a 
AtiveX control for execute programms created and designed for the web with Neo 
Book 4 (the best author multimedia software)the vulnerability is in the form 
that NBActiveX.ocx is identificated throw the MSIE ActiveX Control Validator 
or system of security control and the MSI validate with sure calification the 
activex but no checking the routines.

METHOD

1.If you create a programm and select in compilation mode Distribution Mode> 
Web Navigator , NeoBook 4 compiles a file called [nameofproject].prg and a 
[nameofproject].htm the NBActiveX.ocx is publicated with that files in the 
server and the HTM file is the "wrap" of the .prg file and the server activex 
NBActiveX.ocx .

2.type the URL for the HTM File and wait,my example was based on a programm 
that writes a file called Win32DLL.vbs in %ROOT% normally c:\ and in another 
pixel run another programm created with neobook too , this programm run 
finally the script .vbs and the script run MsgBox("Hello World") but the file 
can be all types of files like patch.exe (Netbus slave) or any.
 
THE PROBLEM

Neo Book 4 allow to insert any tipes of files in your project for wrap (like 
eliteWrap) it an execute or save,rename,put attrb and all the commands 
possible in win32.
laught.).

FILES ENCOUNTERED THE PROBLEM:
NBActiveX.ocx  -The famous dangerous ActiveX-
[nameofproject].prg -The programm wrap-
[nameofproject].HTM -the NBActiveX and wrapper executor-

ABOUT ME:

My name is Lorenzo Hernandze GARCIA-HIERRO and i'm 13 old , i live in madrid 
in spain  and i use linux in two of my 3 computers (i break some windows, 
don't laught!!!)my telephone number (mobile) +34676001011.
-----------------------------------------------------
Me http://lorenzohgh.com
or me project of linux http://lorenzohgh.com/linux 
My nick geniemgh : http://ciberia.ya.com/geniemgh 
-----------------------------------------------------
PLEASE RESPOND ME WITH THE answer.
PLEASE TAKE CARE WITH THIS IMPORTANT AND DANGEROUS VULNERABILITY BECAUSE I 
CREATE A VIRUS IN VBS SCRIPT AN A TROJAN WRAPPER (ELITE WRAP) AND THE EFFECTS 
ARE CATASTROFIC AND VERY QUICKLY (IN A P2 LIKE 10 SECONDS FOR TOTAL INFECTION 
AND FILE REPLACE WITH A 56 MODEM) 

PLEASE CHECK THIS BECUSE IF YOU THINK THE POSSIBILITIES ARE INFINITE AND IF 
YOU RUN IT ON A IIS.... ALL THE DATA ARE FOR ANY WITH TROJAN ACCESS.



 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC