[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] SANS GDIscan

To: "'mcw@xxxxxx'" <mcw@xxxxxx>, full-disclosure@xxxxxxxxxxxxxxxx
Subject: RE: [Full-Disclosure] SANS GDIscan
From: "Perrymon, Josh L." <PerrymonJ@xxxxxxx>
Date: Mon, 27 Sep 2004 16:25:19 -0500

I get the same thing. I see a lot of indifferences with the locations of the
.DLL --

Also patched systems from M$ update and SMS patch pushes and still get
vulnerable .DLLs using the Scanner from SANS?

Does the M$ patch really fix this issue?

I'm going to take a patched box and run some exploits on it in the lab to
see the results.

JP

-----Original Message-----
From: bashis [mailto:mcw@xxxxxx] 
Sent: Sunday, September 26, 2004 10:34 AM
To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] SANS GDIscan


Hi

I tested [1] 'gdiscan' from SANS, and this tool reports vulnerable DLL's
after installing all availible patches from M$..

WinXP Pro SP1
C:\WINDOWS\system32\gdiplus.dll
   Version: 5.1.3097.0 <-- Vulnerable version 

Win2k Server SP4
C:\Program Files\Common Files\Microsoft Shared\Ink\gdiplus.dll
   Version: 5.1.3097.0 <-- Vulnerable version 

[1]
http://isc.sans.org/gdiscan.php

Have a nice day
/bashis

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: RE: [Full-Disclosure] MS04-028 Jpeg EXPLOIT with Reverse and Bind shell ...
Next by Date: RE: [Full-Disclosure] MS04-028 Jpeg EXPLOIT with Reverse and Bind shell ...
Previous by thread: [Full-Disclosure] SANS GDIscan
Next by thread: [Full-Disclosure] HTTP Response Splitting and SQL injection in megabbs forum
Index(es):
- Date
- Thread