Symantec Stays On Trail Of Vista Bugs
News After poking around the Windows Vista networking stack, Symantec researchers have tried out privilege-escalation attacks on an early version of the Windows XP successor. The triviality of this privilege escalation.foreshadows the grave difficulty...
[July 25, 2006, 9:40]
Oracle Accidentally Exposes Database Security Hole
News The flaw opens the door to privilege escalation, meaning that database users with limited privileges could take advantage of it to gain more rights. Depending on the architecture of the application, it is possible to modify data, escalate...
[April 12, 2006, 9:35]
Flaw Found In Apple Bug-fix Tool
News The file is writable, as well as the whole tree under /Library/Frameworks, allowing this vulnerability to be abused for privilege escalation. The flaw allows local users to gain root privileges in the system, allowing them to compromise machines.
[January 9, 2007, 16:12]
Mac Security Concerns Grow
News Of the 25 vulnerabilities, 14 included the possibility of executing arbitrary code, and a handful also involved privilege escalation," Richmond said. If an attacker hacks the web service on a Windows system, then the attacker immediately has full...
[May 1, 2007, 10:50]
Flaw Leaves Work PCs And Internet Cafes Open
News Such situations are where privilege-escalation attacks are most dangerous, Lavery said. No wonder: The vast majority of home users have full administrator rights on their PCs, making privilege escalation a moot attack.
[July 14, 2003, 7:36]
Debian Team Confirm Linux Flaw Allowed Attack
News The technique is known as a privilege escalation. Using the September flaw, the attacker gained owner privileges on Klecker. The flaw -- in a part of the kernel that manages memory -- allows only users that already have access to the system to...
[December 2, 2003, 10:15]
Fresh Mac Hacking Competition Launched
News Assuming it is genuine, it represents an as-yet-unknown local privilege escalation that would allow any local user to gain root-level access," he said. A privilege escalation flaw could let a malicious user with such access gain full control over a...
[March 8, 2006, 8:50]
Windows API 'flaw' Sparks Security Debate
News It's not just privilege-escalation attacks you can do through this. It is impossible to estimate how common such applications are without investigating them individually, but "potentially any program that does something that requires high...
[August 8, 2002, 13:18]
Adobe Patches Mac Security Flaws
News Security researchers with the French Security Incident Response Team rate the issues "medium" risk, which means they could be exploited remotely and locally, leading to a denial of service or an escalation of privileges.
[June 29, 2005, 13:00]
Mac Users 'must Wise Up To Social Engineering'
News A local privilege escalation vulnerability, however, would have been quite useful for the malware to escalate privileges on the compromised host, without requiring user interaction. It's not just PC users who can be victims of their own stupidity...
[February 21, 2006, 9:20]
Debian Attacker May Have Used New Exploit
News Initial investigations of the security breach, which occurred on 19 November, indicate that the attacker was able to gain full control of Debian servers after logging on via unprivileged accounts, known as privilege escalation, according to James...
[November 28, 2003, 14:05]
How To Talk To Microsoft About Linux
Talkback Even if exploited, there would still need to be a secondary attack to provide any real access to the host machine (such as a local privilege escalation attack). MS's OS's, until recently, had no way to separate the the "root" privileges from the...
[June 14, 2004, 23:57]
Router And VoIP Bugs Zapped By Cisco
News Two flaws exist in the software: one could allow an attacker to paralyse a Cisco IP telephony installation, the other could allow someone with read-only access to the system to gain full privileges, according to the alerts.
[January 19, 2006, 11:40]
Microsoft Patches Seven Holes
News The vulnerability could enable someone who already has limited user privileges on a vulnerable computer to gain admin rights, Microsoft said in Security Bulletin MS06-011. As part of its monthly patch cycle, Microsoft on Tuesday released fixes for...
[March 15, 2006, 8:45]
