| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <34cf86a10410131605caa8fbd@mail.gmail.com> From: dmaynor at gmail.com (David Maynor) Subject: EEYE: Windows VDM #UD Local Privilege Escalation Its not that ISS doesn't feel like its a problem, its just when you let an attacker get to the point where they could run a local attack its game over. ISS's goal is to stop the attacker from getting close enogh to execute a local attack. On Wed, 13 Oct 2004 10:30:27 -0400, KF_lists <kf_lists@...netops.com> wrote: > ISS would like to have you believe otherwise... when I contacted them > about the Local SYSTEM escalation in BlackICE we went in circles over > the fact that I feel that taking local SYSTEM on a win32 box IS a > problem and they don't. They tryed to say some crap like "in all our > years in the industry we have never had a customer state that local > windows security was a concern... blah blah (paraphrasing)". And > something along the lines of "Windows is not a true multi-user system > (like unix) so local escalation means nothing." > > -KF > > > > > Also, at least in MS Windows, it's my personal feeling that local > > privilege escalation issues (particularly escalation to kernel or system > > status) should be critical issues. Whether people can run arbitrary > > code on MS Windows systems these days isn't an exercise for the mind > > anymore, it's an exercise of "go look at your neighbors computer and see > > that it's done regularly". > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html >
Powered by blists - more mailing lists