[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Remote Command Execution on Cisco WAG120N

To: full-disclosure <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Remote Command Execution on Cisco WAG120N
From: gremlin@xxxxxxxxxx
Date: Tue, 27 Nov 2012 09:41:09 +0400

On 26-Nov-2012 11:47:37 +0200, Julius Kivim?ki wrote:

 > Is a privilege escalation vulnerability in Linux not a
 > vulnerability if it requires authentication?

Depends of the ratio between credentials supplied and access gained.
Is the `ssh root@localhost` a vulnerability?

-- 
Alexey V. Vissarionov aka Gremlin from Kremlin
<gremlin ПРИ gremlin ТЧК ru>
GPG key ID: 0xEF3B1FA8, keyserver: hkp://subkeys.pgp.net
GPG key fingerprint: 8832 FE9F A791 F796 8AC9 6E4E 909D AC45 EF3B 1FA8

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Remote Command Execution on Cisco WAG120N
  - From: Manu
- Re: [Full-disclosure] Remote Command Execution on Cisco WAG120N
  - From: Gary Driggs
- Re: [Full-disclosure] Remote Command Execution on Cisco WAG120N
  - From: Julius Kivimäki

Prev by Date: [Full-disclosure] Possible infection of Piwik 1.9.2 download archive
Next by Date: [Full-disclosure] Spotify Playlists - Persistent Cross Site Scripting
Previous by thread: Re: [Full-disclosure] Remote Command Execution on Cisco WAG120N
Next by thread: Re: [Full-disclosure] Remote Command Execution on Cisco WAG120N
Index(es):
- Date
- Thread