NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Full-Disclosure> 2006-07

Re: [Full-disclosure] Linux Privilege Escalation exploits

From: Knud Erik Højgaard (kokaningmail.com)
Date: Sat Jul 15 2006 - 08:18:51 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Until someone makes an official rating scale and everyone follows it
it will suck as much as it does now. All the extremely highly
superduper critical bla bla buzzwords are a load of crap in
marketing-style proportions - after all it's all about remote command
execution, remote data alteration, local priv escalation, file
destruction and so on. People need to decide for themselved how
critical it is. My 2krone.

On 7/15/06, David Taylor <ltrisc.upenn.edu> wrote:
> I know various security research sites that release advisories on new
> vulnerabilities have their own way they determine what is critical or not.
> Privilege escalation exploits are usually local and require a local account
> to exploit. So, it seems that security research sites label these as 'less
> critical'. But at the same time they will label a Mambo exploit that lets
> you have access to a system as 'highly critical'. If I can launch a Mambo
> exploit against a system that has a vulnerable version of OS susceptible to
> the priv esc isn't that now extremely critical? With all of the exploits
> out that the defacer kiddies use could a local priv esc exploit be
> integrated into these? If so then shouldn't these vulnerabilities be rated
> higher than 'less critical'?
>
> I'm just thinking that people aren't looking at the big picture when they
> rate these vulnerabilities.
>
> ==================================================
> David Taylor //Sr. Information Security Specialist
> University of Pennsylvania Information Security
> Philadelphia PA USA
> (215) 898-1236
> http://www.upenn.edu/computing/security/
> ==================================================
>
> Penn Information Security RSS feed
> http://www.upenn.edu/computing/security/rss/rssfeed.xml
> Add link to your favorite RSS reader
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]