[conspire] "Lupper Worm" and the patching of bad software
ryan at thievco.com
Wed Nov 9 12:36:02 PST 2005
Rick Moen wrote:
> Oh, by the way, I should stress, also, that none of those are remote
> root exploits: A successful attack would, in itself, accomplish nothing
> more for the intruder than compromising the Web server, e.g., to deface
> it. A broader compromise of the attacked host would require that the
> host also have separate, local vulnerabilities that permit escalation of
> privilege to the root (or equivalent) user's authority.
And it continues to spread while running as the non-privileged user, yes?
More information about the conspire