[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] New GDI exploit

To: "Josh L. Perrymon" <joshuaperrymon@xxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] New GDI exploit
From: "morning_wood" <se_cur_ity@xxxxxxxxxxx>
Date: Wed, 22 Sep 2004 14:13:41 -0700

reverse successfull...

m.wood

> Game over...
> 
> So the exploit is out that will open a local command prompt on the
> machine exploiting the GDI library..
> 
> This thing allows 2500 bytes of shellcode..
> 
> How long before this turns nasty?
> 
> Seems easy to me to make it reverse shell...
> 
> 
> --------
> 
> The problem I have is patching with SMS. MBSA won't pickup the needed
> patched in SMS so you have to push out to all machines in a container
> for a certain software type-
> 
> IE
> XP
> VIsio
> 
> 
> blah blah so on....
> 
> ------------
> 
> The cycle continues..
> 
> JP
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] New GDI exploit
  - From: Josh L. Perrymon

Prev by Date: [Full-Disclosure] [ GLSA 200409-30 ] xine-lib: Multiple vulnerabilities
Next by Date: [Full-Disclosure] MDKSA-2004:102 - Updated ImageMagick packages fix arbitray code execution vulnerabilities
Previous by thread: [Full-Disclosure] Re: New GDI exploit
Next by thread: [Full-Disclosure] Re:Hiring a worm writer to do computer security
Index(es):
- Date
- Thread