
Dailydave mailing list archives
Re: MS08-006 under rated?
From: Cesar <sqlsec () yahoo com>
Date: Thu, 14 Feb 2008 05:42:44 -0800 (PST)
Nice articles, they mention some problems, luckily none of them are the ones I found ;) so you can imagine how many problems there are. I didn't know about the DACL on Local Service or Network Service services processes allowing to WRITE DAC to processes running account, if that works then there you have a way to compromise another process to get a high privileged token and elevate privileges.

Cesar.

----- Original Message ----
From: Nicolas RUFF <nruff () security-labs org>
To: dailydave () lists immunityinc com
Cc: Cesar <sqlsec () yahoo com>
Sent: Thursday, February 14, 2008 9:39:10 AM
Subject: Re: [Dailydave] MS08-006 under rated?

I'm sorry I can't give technical details at this moment, all details will be presented at HITB Dubai.

I remember reading: http://www.nynaeve.net/?p=149
Which gives pretty scary details on how efficient service accounts isolation is.

Regards,
- Nicolas RUFF