lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <t5j8a2$15nf$1@ciao.gmane.io> Date: Thu, 12 May 2022 15:15:15 -0000 (UTC) From: Tavis Ormandy <taviso@...il.com> To: fulldisclosure@...lists.org Subject: Re: [FD] Defense in depth -- the Microsoft way (part 80): 25 (in words: TWENTY-FIVE) year old TRIVIAL bug crashes CMD.exe On 2022-05-10, Stefan Kanthak wrote: >| Their reasoning centers around the requirement to have admin >| privileges to pull off the attack. > > OUCH! Unprivileged users can but write this registry entry below > [HKEY_CURRENT_USER\Software\Microsoft\Command Processor] They're explaining that you need privileges to attack *other* users. I don't think anyone is disputing you can "attack" yourself. I know, I know - we've had this discussion before, and nothing will convince you that this isn't a vulnerability :) Tavis. -- _o) $ lynx lock.cmpxchg8b.com /\\ _o) _o) $ finger taviso@....org _\_V _( ) _( ) @taviso _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists