Re: More on Shatter

From: Syzop (syz@dds.nl)
Date: 08/25/02


Date: Sun, 25 Aug 2002 20:08:16 +0200
From: Syzop <syz@dds.nl>
To: HalbaSus <halbasus@go.ro>, vuln-dev@securityfocus.com

HalbaSus wrote:

> My question would be... Why would anyone want to patch it ? Here are some
> reasons for not bothering about it.

I have worked at a school in the past which was running NT(/w2k) workstations;
in such a case there are good reasons to fix it...
[..]

> 2. Currently there are plenty of remote vulnerabilities which leave you with
> enough privilege to do some nasty stuff on a Win32-box [..]

The workstations aren't running IIS or something, the only ports open are for
filesharing/RPC stuff (which of course also had/have bugs).

> 3. As long as someone needs physical access for this it's not really such a
> serious problem.. usually when someone has physical access to a computer he
> can do mostly whatever he/she wants. Without using exploits...

That's right, but it will take some time to open up the computer so it's highly
likely a teacher will see it.

> 4. And probably the most important reason: Shatter is one of those mostly
> harmless yet very neat exploits that you can impress your friends with... [..]

I don't agree with this.
Just because users can log on locally doesn't make any root exploit on that box harmless.
For example: a user can install a keyb logger to sniff passwords from other
users logging in at that machine.

    Bram Matthys.


