Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Sans GDI scan says still vulnerable after patching

From: "Alan Melia \(Melmac\)" <alanme () melmac co uk>
Date: Wed, 6 Oct 2004 16:58:01 +0100
It looks like the Sans GDI scan does not take into account the PRE-SP1 fix
version...

http://www.microsoft.com/technet/security/bulletin/MS04-028.mspx

Windows XP Home Edition, Windows XP Professional, Windows XP Home Edition
Service Pack 1, Windows XP Professional Service Pack 1, Windows XP Tablet PC
Edition, and Windows XP Media Center Edition:

Date         Time   Version        Size       File name     Folder
 
--------------------------------------------------------------------------
   09-Mar-2004  01:58  5.1.2600.136     646,656  Sxs.dll       SP1 (Pre SP1)
   02-Mar-2004  21:19  5.1.3102.1360  1,638,400  Gdiplus.dll   SP1 (Pre SP1)
   09-Mar-2004  02:25  5.1.2600.1363    676,864  Sxs.dll       SP2 (With
SP1)
   02-Mar-2004  21:19  5.1.3102.1360  1,638,400  Gdiplus.dll   SP2 (With
SP1)

Alan

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of BillyBobKnob
Sent: 06 October 2004 16:16
To: Full Disclosure
Subject: [Full-disclosure] Sans GDI scan says still vulnerable after
patching

I have patched some systems at work with the MS04-028 patch and then ran the
Sans GDI scanner which said that they are still vulnerable.
Any ideas why ?

F:\WINDOWS\system32\dllcache\sxs.dll

Version: 5.1.2600.136 <-- Vulnerable version

F:\WINDOWS\system32\sxs.dll

Version: 5.1.2600.136 <-- Vulnerable version



Thanks
Bill















_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: