Dailydave
mailing list archives
Re: MS08-006 under rated?
From: Cesar <sqlsec () yahoo com>
Date: Thu, 14 Feb 2008 05:42:44 -0800 (PST)
Nice articles; they mention some problems, luckily none of them are the ones I found ;) so you can imagine how many
problems there are.
I didn't know about the DACL on Local Service or Network Service services' processes allowing WRITE DAC to the processes'
running account; if that works, then there you have a way to compromise another process to get a high-privileged token
and elevate privileges.
Cesar.
----- Original Message ----
From: Nicolas RUFF <nruff () security-labs org>
To: dailydave () lists immunityinc com
Cc: Cesar <sqlsec () yahoo com>
Sent: Thursday, February 14, 2008 9:39:10 AM
Subject: Re: [Dailydave] MS08-006 under rated?
I'm sorry I can't give technical details at this moment, all details
will be presented at HITB Dubai.
I remember reading:
http://www.nynaeve.net/?p=149
Which gives pretty scary details on how efficient service accounts
isolation is.
Regards,
- Nicolas RUFF