On Thu, 21 Jun 2012 08:02:26 -0700, Gage Bystrom said: > to me it seems like hes trying to say that someone with administrative > access has the ability to....have administrative access. Its like > saying "Hey guys! I found a local exploit and all it requires is to be > a root user!!!" > > I'm not sure if he's trolling or just stupid. There are many things that, while technically not "vulnerabilities", are still pretty interesting to remember, in case you find a way to trick that admin user into doing it for you. This has been true ever since Unix boxes got pwned by getting the root user to look at your odd core dump - after putting something interesting in .dbxrc in the directory....
Attachment:
pgpYuZ4qWkiPQ.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/