
Dotless IP Address Issue in Internet Explorer 4

A vulnerability exists in how Internet Explorer 4 determines which security zone a target server is in. By using this vulnerability, a malicious hacker could misrepresent the URL of their website, causing the site to be treated as if it were located on an intranet by Internet Explorer's Security Zones feature.

Issue

The "Dotless IP Address" issue involves a vulnerability in Internet Explorer that could allow a malicious hacker to circumvent certain Internet Explorer security safeguards. This vulnerability makes it possible for a malicious web site operator to misrepresent the URL of an Internet web site and make it appear as if the machine is in the user's "Local Intranet Zone". Internet Explorer can apply different security settings to different zones. By this means, a malicious site could potentially perform actions that had been disabled in the Internet Zone or Restricted Sites Zone, but are permitted in the Local Intranet Zone.

The nature of this vulnerability is that in determining what zone a web site belongs to, Internet Explorer interprets a 32-bit number (e.g. http://031713501415) as an all-numeric host name, while the IP stack resolves this address to its equivalent dotted IP format (e.g. 207.46.131.13). Internet Explorer incorrectly considers this machine to be in the Local Intranet Zone, rather than in the Internet Zone, and could apply the wrong zone's security settings to the web server.
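
The mismatch described above, as an added example that is not part of the original advisory or Microsoft's code: the host is canonicalized the way an IP stack reads a single number (hex, octal or decimal) before any zone decision is made. The function names and the "no dot means intranet" rule are a simplified model assumed for illustration.

```python
import ipaddress
import re

# One number with no dots: 0x... is hex, a leading 0 is octal, otherwise decimal.
_NUMERIC_HOST = re.compile(r"0x[0-9a-f]+|0[0-7]*|[1-9][0-9]*")


def canonical_ipv4(host):
    """Return the dotted form of an all-numeric host, or None if it is a name."""
    h = host.lower()
    if not _NUMERIC_HOST.fullmatch(h):
        return None
    if h.startswith("0x"):
        value = int(h, 16)
    elif len(h) > 1 and h.startswith("0"):
        value = int(h, 8)
    else:
        value = int(h, 10)
    if value > 0xFFFFFFFF:
        return None  # does not fit in 32 bits, so not an IPv4 address
    return str(ipaddress.IPv4Address(value))


def zone_by_name_only(host):
    # Simplified model (assumption) of the flawed decision: no dot => intranet.
    return "Local Intranet" if "." not in host else "Internet"


def zone_after_canonicalizing(host):
    # Classify the address the IP stack will connect to, not the typed string.
    return zone_by_name_only(canonical_ipv4(host) or host)


if __name__ == "__main__":
    # Constructed sample hosts; the first is the value quoted in the advisory.
    for host in ("031713501415", "3475931917", "fileserver", "www.example.com"):
        print(host, canonical_ipv4(host), zone_by_name_only(host),
              zone_after_canonicalizing(host))
```

The advisory's example value is the octal spelling of 207.46.131.13; the decimal and hex spellings in the sample list are constructed equivalents of the same address.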

Affected Products

  • Internet Explorer 4.0, 4.01 and 4.01 SP1 on Windows NT 4.0, Windows 95 and Windows 98

Solution

If you are unable to apply the patch or upgrade IE to the current version, you can reduce your risk of being affected by this problem by adjusting your Intranet Zone settings to be the same as those used by the Internet Zone. To do this, perform the following steps:

  1. Click Start, point to Settings, and then click Control Panel.
  2. Double-click Internet, and then click the Security tab.
  3. In the Zone box, click local Intranet Zone.
  4. Modify the local Intranet Zone security level or custom settings to match those in the Internet Zone.
  5. Click OK to close the Internet Properties sheet.

Note: The default configuration for both the Internet Zone and the Local Intranet Zone is "Medium Security". However, there is one difference between these defaults: the local Intranet Zone enables the automatic use of NTLM challenge response authentication with local Intranet machines, while this option is disabled by default when connecting to servers in the Internet Zone. If you need to change this setting, perform the following steps:

  1. Click Start, point to Settings, and then click Control Panel.
  2. Double-click Internet, and then click the Security tab.
  3. In the Zone box, click local Intranet Zone.
  4. Select the level of security that you wish to use under User Identification | Logon.
  5. Click OK to close the Security Settings dialog, then click OK to close the Internet Properties sheet.

Download

Patch: http://www.microsoft.com/windows/ie/security/dotless.asp

Further Details

Source: Microsoft Corporation

Reference: Microsoft Corporation

Updated: October 23, 1998
