[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Re: HTML Help API - Privilege Escalation
- To: KF <dotslash@snosoft.com>
- Subject: Re: [Full-Disclosure] Re: HTML Help API - Privilege Escalation
- From: security snot <booger@unixclan.net>
- Date: Fri, 24 Oct 2003 16:55:31 -0700 (PDT)
C:\>perl.exe -e ...
won't help you find bugs buddy.
-----------------------------------------------------------
"Whitehat by day, booger at night - I'm the security snot."
- CISSP / CCNA / A+ Certified - www.unixclan.net/~booger/ -
-----------------------------------------------------------
On Sat, 25 Oct 2003, KF wrote:
> Well there are not setuid applications in win32 but as I mentioned above
> there are apps that run with elevated priv levels. Heck look at shatter
> type attacks... In the win32 world thats about as close to a local
> attack (on unix) against a setuid binary.
>
> -KF
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html