Full Disclosure mailing list archives

Re: Remote Command Execution on Cisco WAG120N

From: gremlin () gremlin ru
Date: Tue, 27 Nov 2012 09:41:09 +0400

On 26-Nov-2012 11:47:37 +0200, Julius Kivim?ki wrote:

Is a privilege escalation vulnerability in Linux not a
vulnerability if it requires authentication?


Depends of the ratio between credentials supplied and access gained.
Is the `ssh root@localhost` a vulnerability?


-- 
Alexey V. Vissarionov aka Gremlin from Kremlin
<gremlin ПРИ gremlin ТЧК ru>
GPG key ID: 0xEF3B1FA8, keyserver: hkp://subkeys.pgp.net
GPG key fingerprint: 8832 FE9F A791 F796 8AC9 6E4E 909D AC45 EF3B 1FA8

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Remote Command Execution on Cisco WAG120N Manu (Nov 22)
- Re: Remote Command Execution on Cisco WAG120N Gary Driggs (Nov 26)
  - Re: Remote Command Execution on Cisco WAG120N Manu (Nov 26)
  - Re: Remote Command Execution on Cisco WAG120N Julius Kivimäki (Nov 26)
    - Re: Remote Command Execution on Cisco WAG120N Gary Driggs (Nov 26)
    - Re: Remote Command Execution on Cisco WAG120N Benji (Nov 26)
    - Re: Remote Command Execution on Cisco WAG120N Gary (Nov 28)
    - Re: Remote Command Execution on Cisco WAG120N Ulisses Montenegro (Nov 28)
    - Re: Remote Command Execution on Cisco WAG120N gremlin (Nov 27)
  - Re: Remote Command Execution on Cisco WAG120N andfarm (Nov 27)