Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

MS04-028 POC Exploit Code [GDI+]

From: "Faigle, Chris" <cfaigle () RICHMOND EDU>
Date: Wed, 22 Sep 2004 14:23:58 -0400
Cross post from DSheild list.

Very concerned about this here considering the number of possible vectors.

Comments?

Chris Faigle
IS Security
University of Richmond


-----Original Message-----
From: Paul Marsh [mailto:pmarsh () nmefdn org]
Sent: Wednesday, September 22, 2004 9:14 AM
To: General DShield Discussion List
Subject: [Dshield] GDI+ POC

Zippy Doooooooo

# Note: This isn't a ./hack
# - Plug in shellcode and get the address
# - You non-kiddies out there are smart enough to fill in the blanks
# - Until you do the above, it's just a stupid PoC crash
#
# It's ugly, but it works :)

http://www.k-otik.com/exploits/09222004.ms04-28.sh.php
_______________________________________________
DShield and the Internet Storm Center are sponsored by the SANS Institute.
To learn more about current SANS training, see http://www.sans.org .

_______________________________________________
send all posts to list () lists dshield org
To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.
Previous By Date Next
Previous By Thread Next

Current thread: