Full Disclosure mailing list archives
Re: EEYE: Windows VDM #UD Local Privilege Escalation
From: David Maynor <dmaynor () gmail com>
Date: Wed, 13 Oct 2004 19:05:04 -0400
Its not that ISS doesn't feel like its a problem, its just when you let an attacker get to the point where they could run a local attack its game over. ISS's goal is to stop the attacker from getting close enogh to execute a local attack. On Wed, 13 Oct 2004 10:30:27 -0400, KF_lists <kf_lists () secnetops com> wrote:
ISS would like to have you believe otherwise... when I contacted them about the Local SYSTEM escalation in BlackICE we went in circles over the fact that I feel that taking local SYSTEM on a win32 box IS a problem and they don't. They tryed to say some crap like "in all our years in the industry we have never had a customer state that local windows security was a concern... blah blah (paraphrasing)". And something along the lines of "Windows is not a true multi-user system (like unix) so local escalation means nothing." -KF > Also, at least in MS Windows, it's my personal feeling that localprivilege escalation issues (particularly escalation to kernel or system status) should be critical issues. Whether people can run arbitrary code on MS Windows systems these days isn't an exercise for the mind anymore, it's an exercise of "go look at your neighbors computer and see that it's done regularly"._______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- EEYE: Windows VDM #UD Local Privilege Escalation Derek Soeder (Oct 12)
- Re: EEYE: Windows VDM #UD Local Privilege Escalation Pablo (Oct 13)
- Re: EEYE: Windows VDM #UD Local Privilege Escalation Brent J. Nordquist (Oct 13)
- Re: EEYE: Windows VDM #UD Local Privilege Escalation Barry Fitzgerald (Oct 13)
- Re: EEYE: Windows VDM #UD Local Privilege Escalation KF_lists (Oct 13)
- Re: EEYE: Windows VDM #UD Local Privilege Escalation Barry Fitzgerald (Oct 13)
- Re: EEYE: Windows VDM #UD Local Privilege Escalation David Maynor (Oct 14)
- Re: EEYE: Windows VDM #UD Local Privilege Escalation kf_lists (Oct 14)
- Re: EEYE: Windows VDM #UD Local Privilege Escalation KF_lists (Oct 13)
- Re: EEYE: Windows VDM #UD Local Privilege Escalation Pablo (Oct 13)