Vulnerability Development mailing list archives
Re: More on Shatter
From: H C <keydet89 () yahoo com>
Date: Mon, 26 Aug 2002 08:29:49 -0700 (PDT)
Just because users can logon locally doesn't make any root exploit on that box harmless.
Any privilege escalation attack that works is potentially deadly. Limiting physical access will only prevent (or slow down) certain classes/types of attackers...the malicious or disgruntled employee is not one of the ones that will be deterred. For example, the DebPloit mentioned a bit ago on NTBugTraq was/is a local exploit, but the example executable was included in the Masy worm. There was also nothing preventing an authorized user from installing it on their own workstation. I'm just as guilty of it as others. As a consultant, I used PipeUpAdmin.exe to give myself Admin privileges on my workstation. __________________________________________________ Do You Yahoo!? Yahoo! Finance - Get real-time stock quotes http://finance.yahoo.com
Current thread:
- More on Shatter Chris Paget (Aug 23)
- Re: More on Shatter Daniel Newby (Aug 23)
- Re: More on Shatter Dragos Ruiu (Aug 24)
- Re: More on Shatter Daniel Newby (Aug 24)
- Re: More on Shatter Dragos Ruiu (Aug 24)
- <Possible follow-ups>
- re: More on Shatter HalbaSus (Aug 25)
- Re: More on Shatter Darryl Luff (Aug 25)
- Re: More on Shatter Syzop (Aug 26)
- Re: More on Shatter H C (Aug 26)
- RE: More on Shatter Kris Kistler (Aug 26)
- RE: More on Shatter Richard Masoner (Aug 26)
- RE: More on Shatter Mark Ribbans (Aug 26)
- RE: More on Shatter Kayne Ian (Softlab) (Aug 27)
- Re: More on Shatter Daniel Newby (Aug 23)