lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: dmaynor at (David Maynor)
Subject: EEYE: Windows VDM #UD Local Privilege Escalation

Its not that ISS doesn't feel like its a problem, its just when you
let an attacker get to the point where they could run a local attack
its game over. ISS's goal is to stop the attacker from getting close
enogh to execute a local attack.

On Wed, 13 Oct 2004 10:30:27 -0400, KF_lists <> wrote:
> ISS would like to have you believe otherwise...  when I contacted them
> about the Local SYSTEM escalation in BlackICE we went in circles over
> the fact that I feel that taking local SYSTEM on a win32 box IS a
> problem and they don't. They tryed to say some crap like "in all our
> years in the industry we have never had a customer state that local
> windows security was a concern... blah blah (paraphrasing)". And
> something along the lines of "Windows is not a true multi-user system
> (like unix) so local escalation means nothing."
> -KF
>  > Also, at least in MS Windows, it's my personal feeling that local
> > privilege escalation issues (particularly escalation to kernel or system
> > status) should be critical issues.  Whether people can run arbitrary
> > code on MS Windows systems these days isn't an exercise for the mind
> > anymore, it's an exercise of "go look at your neighbors computer and see
> > that it's done regularly".
> >
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:

Powered by blists - more mailing lists