Full Disclosure mailing list archives

RE: SANS GDIscan

From: "Perrymon, Josh L." <PerrymonJ () bek com>
Date: Mon, 27 Sep 2004 16:25:19 -0500

I get the same thing. I see a lot of indifferences with the locations of the
.DLL --

Also patched systems from M$ update and SMS patch pushes and still get
vulnerable .DLLs using the Scanner from SANS?

Does the M$ patch really fix this issue?

I'm going to take a patched box and run some exploits on it in the lab to
see the results.

JP

-----Original Message-----
From: bashis [mailto:mcw () wcd se] 
Sent: Sunday, September 26, 2004 10:34 AM
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] SANS GDIscan


Hi

I tested [1] 'gdiscan' from SANS, and this tool reports vulnerable DLL's
after installing all availible patches from M$..

WinXP Pro SP1
C:\WINDOWS\system32\gdiplus.dll
   Version: 5.1.3097.0 <-- Vulnerable version 

Win2k Server SP4
C:\Program Files\Common Files\Microsoft Shared\Ink\gdiplus.dll
   Version: 5.1.3097.0 <-- Vulnerable version 

[1]
http://isc.sans.org/gdiscan.php

Have a nice day
/bashis

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

SANS GDIscan bashis (Sep 26)
- <Possible follow-ups>
- RE: SANS GDIscan Perrymon, Josh L. (Sep 27)