re: More on Shatter

From: HalbaSus (halbasus@go.ro)
Date: 08/25/02 

From: HalbaSus <halbasus@go.ro>
To: vuln-dev@securityfocus.com
Date: Sun, 25 Aug 2002 13:17:10 +0000

I don't want to be rude but... we're talking about a win32 local exploit here
!!!!

My question would be... Why would anyone want to patch it ? Here are some
reasons for not bothering about it.

1. Important servers/workstations should NOT use win32
2. Currently there are plenty of remote vulnerabilities which leave you with
enough priviledge to do some nasty stuff on a Win32-box (OK, if someone will
create an automated Shatter version that could be used to gain more
priviledge on a "owned" win32 but than again... see reason no 1 :)
3. As long as someone needs phisical access for this it's not really such a
serious problem.. usually when someone has phisical access to a computer he
can do mostly whatever he/she wants. Without using exploits...
4. And probably the most important reason: Shatter is one of those mostly
harmless yet very neet exploits that you can impress your friends with... or
you can quickly hack your gf's account while she's changing her clothes (ok,
during this time you could also take her computer bring it to your place,
take out the hdd copy every file on it and then still have the time to go
back to her place and light up a cigarete. :)) 

-- 
------------------------
Proud member of PentaGuard
"Making the net a safer place since 1998"