Re: [Full-Disclosure] EEYE: Windows VDM #UD Local Privilege Escalation
From: David Maynor (dmaynor_at_gmail.com)
Date: 10/14/04
- Previous message: Thierry Carrez: "[ GLSA 200410-11 ] tiff: Buffer overflows in image decoding"
- In reply to: KF_lists: "Re: [Full-Disclosure] EEYE: Windows VDM #UD Local Privilege Escalation"
- Next in thread: kf_lists: "Re: [Full-Disclosure] EEYE: Windows VDM #UD Local Privilege Escalation"
- Reply: kf_lists: "Re: [Full-Disclosure] EEYE: Windows VDM #UD Local Privilege Escalation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: KF_lists <kf_lists@secnetops.com> Date: Wed, 13 Oct 2004 19:05:04 -0400
Its not that ISS doesn't feel like its a problem, its just when you
let an attacker get to the point where they could run a local attack
its game over. ISS's goal is to stop the attacker from getting close
enogh to execute a local attack.
On Wed, 13 Oct 2004 10:30:27 -0400, KF_lists <kf_lists@secnetops.com> wrote:
> ISS would like to have you believe otherwise... when I contacted them
> about the Local SYSTEM escalation in BlackICE we went in circles over
> the fact that I feel that taking local SYSTEM on a win32 box IS a
> problem and they don't. They tryed to say some crap like "in all our
> years in the industry we have never had a customer state that local
> windows security was a concern... blah blah (paraphrasing)". And
> something along the lines of "Windows is not a true multi-user system
> (like unix) so local escalation means nothing."
>
> -KF
>
>
>
> > Also, at least in MS Windows, it's my personal feeling that local
> > privilege escalation issues (particularly escalation to kernel or system
> > status) should be critical issues. Whether people can run arbitrary
> > code on MS Windows systems these days isn't an exercise for the mind
> > anymore, it's an exercise of "go look at your neighbors computer and see
> > that it's done regularly".
> >
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Thierry Carrez: "[ GLSA 200410-11 ] tiff: Buffer overflows in image decoding"
- In reply to: KF_lists: "Re: [Full-Disclosure] EEYE: Windows VDM #UD Local Privilege Escalation"
- Next in thread: kf_lists: "Re: [Full-Disclosure] EEYE: Windows VDM #UD Local Privilege Escalation"
- Reply: kf_lists: "Re: [Full-Disclosure] EEYE: Windows VDM #UD Local Privilege Escalation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
