[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] SANS GDIscan

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] SANS GDIscan
From: bashis <mcw@xxxxxx>
Date: Sun, 26 Sep 2004 17:34:04 +0200 (CEST)

Hi

I tested [1] 'gdiscan' from SANS, and this tool reports vulnerable DLL's after
installing all availible patches from M$..

WinXP Pro SP1
C:\WINDOWS\system32\gdiplus.dll
   Version: 5.1.3097.0 <-- Vulnerable version 

Win2k Server SP4
C:\Program Files\Common Files\Microsoft Shared\Ink\gdiplus.dll
   Version: 5.1.3097.0 <-- Vulnerable version 

[1]
http://isc.sans.org/gdiscan.php

Have a nice day
/bashis

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: [Full-Disclosure] RE: Full-Disclosure: JEPG Hype or Hope?
Next by Date: [Full-Disclosure] HTTP Response Splitting and SQL injection in megabbs forum
Previous by thread: [Full-Disclosure] RE: Full-Disclosure: JEPG Hype or Hope?
Next by thread: RE: [Full-Disclosure] SANS GDIscan
Index(es):
- Date
- Thread