| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <BAY10-DAV31pW2R5noU000022b9@hotmail.com> From: se_cur_ity at hotmail.com (morning_wood) Subject: New GDI exploit reverse successfull... m.wood > Game over... > > So the exploit is out that will open a local command prompt on the > machine exploiting the GDI library.. > > This thing allows 2500 bytes of shellcode.. > > How long before this turns nasty? > > Seems easy to me to make it reverse shell... > > > -------- > > The problem I have is patching with SMS. MBSA won't pickup the needed > patched in SMS so you have to push out to all machines in a container > for a certain software type- > > IE > XP > VIsio > > > blah blah so on.... > > ------------ > > The cycle continues.. > > JP > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html >
Powered by blists - more mailing lists