Security Basics mailing list archives
RE: Threat scenarios from local buffer overflow
From: "David Gillett" <gillettdavid () fhda edu>
Date: Tue, 21 Jan 2003 08:30:41 -0800
An attacker might exploit something like this as a second stage of an attack -- i.e., use some first vulnerability to let them "run arbitrary code" on the target machine, and use that arbitrary code to invoke something like this to elevate their permissions. (It's not obvious that running *notepad* should raise anyone's permissions, but if this overflow lets them run code as the *owner* of notepad.exe, it might -- and there could be more dangerous local executables that *do* raise permissions as part of normal operations.)

Also, buffer overflows can, in some cases, drive CPU use to 100%, making for a dandy DoS attack.

So while a local buffer overflow is not sufficient for a remote compromise, it's still a potential threat to the system.

David Gillett

-----Original Message-----
From: SmartKID [mailto:flawpee () rediffmail com]
Sent: January 11, 2003 09:45
To: security-basics () securityfocus com
Subject: Threat scenarios from local buffer overflow

Hi,

Are there any possible threat scenarios from a buffer overflow in an executable stored locally? For instance, say something like notepad.exe has a buffer overflow, which might be exploited by issuing

notepad aaaaaa(3000 times).txt

Would this allow any sort of system compromise or privilege execution?

Thanks
SmartKIDJoe
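
The reply's distinction between a local executable that runs as the caller and one that runs as its owner can be checked on a host. The following is an added example, not part of the original thread: it assumes the Unix setuid/setgid model as the mechanism by which a program runs with its owner's identity, and the names `privilege_gain` and `audit` are hypothetical.

```python
import os
import stat
import sys

def privilege_gain(mode, owner_uid, owner_gid, caller_uid, caller_gids):
    """Return the identities a caller would gain by executing this file.

    A memory-corruption bug in a local program only raises privilege when
    the program runs with an identity the caller does not already hold.
    """
    gains = []
    # Only regular files with at least one execute bit can be run at all.
    if not stat.S_ISREG(mode) or not mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
        return gains
    # setuid: the process runs as the file's owner.
    if mode & stat.S_ISUID and owner_uid != caller_uid:
        gains.append(f"uid {owner_uid}")
    # setgid is only honoured for execution when group-execute is also set.
    if mode & stat.S_ISGID and mode & stat.S_IXGRP and owner_gid not in caller_gids:
        gains.append(f"gid {owner_gid}")
    return gains

def audit(root, caller_uid, caller_gids):
    """Walk root and yield (path, gains) for files that cross a privilege boundary."""
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: do not follow symlinks
            except OSError:
                continue  # unreadable entry; skip it
            gains = privilege_gain(st.st_mode, st.st_uid, st.st_gid,
                                   caller_uid, caller_gids)
            if gains:
                yield path, gains

if __name__ == "__main__":
    # Default directory is an assumption; pass another root as argv[1].
    root = sys.argv[1] if len(sys.argv) > 1 else "/usr/bin"
    groups = set(os.getgroups()) | {os.getgid()}
    for path, gains in audit(root, os.getuid(), groups):
        print(f"{path}: runs with {', '.join(gains)}")
```

Files this reports are the ones where a local overflow would hand the caller a new identity; a plain executable such as the notepad case in the question reports nothing.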