Home page logo

bugtraq logo Bugtraq mailing list archives

Re: On classifying attacks
From: Godwin Stewart <gstewart () spamcop net>
Date: Sun, 17 Jul 2005 11:41:54 +0200

Hash: SHA1

On Sat, 16 Jul 2005 12:40:29 -0400, Derek Martin <code () pizzashack org> wrote:

It seems to me your statement can't be correct, because this is ALWAYS
the case.  A local exploit requires that a local user run an
executable.  A remote exploit requires that a local user run an
executable, even if that is accomplished merely by booting the system.
All exploits require running code, and code doesn't magically start
itself...  Running code is required, because it is the very running
code which is being exploited.

Maybe so, however with the case of the BIND attack, the vulnerability in
locally running code (named) is being exploited by a remote attacker via the

In the case of an e-mail containing malicious code, the code being exploited
(parts of the Windows kernel or whatever) is being attacked by code running
locally - on the *same* machine. In this sense it can hardly qualify as a
"remote" exploit.

- -- 
G. Stewart - gstewart () spamcop net

A lot of money is tainted.   'Taint yours and 'taint mine.
Version: GnuPG v1.4.1 (GNU/Linux)


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]