RE: Windows Vista Power Management & Local Security Policy

To: "James C. Slora Jr." <james.slora@xxxxxxxx>, "bugtraq@xxxxxxxxxxxxxxxxx" <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: RE: Windows Vista Power Management & Local Security Policy
From: Jim Harrison <Jim@xxxxxxxxxxxx>
Date: Tue, 22 Jul 2008 12:46:43 -0700
Accept-language: en-US
Acceptlanguage: en-US
In-reply-to: <ED4D2B7262D0FF46B802B35FF362FE68031B0193@xxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <000f01c8e87f$a08b3f30$e1a1bd90$@com> <097B1E4792366344925A4B6B99C00A8240A2264AA3@xxxxxxxxxxxxxxxxxxxxxxxx> <001001c8e971$b5804dc0$2080e940$@com> <F9C0B32C4FFE7147BD0FF6A40BE806E7038DCA@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <000001c8ea9f$4ccdbb30$e6693190$@com> <097B1E4792366344925A4B6B99C00A8240A2264AAC@xxxxxxxxxxxxxxxxxxxxxxxx> <000001c8eab4$92939ee0$b7badca0$@com>,<ED4D2B7262D0FF46B802B35FF362FE68031B0193@xxxxxxxxxxxxxxxxxxxxxxxx>
Thread-index: Acjof3xqsydaAaMkSWqm9Va+FLqyzwA4S4gAAAOlA1AAH4DHYAAscoMwAAGBC2AAA7KXsABWL/0AAAl6bYA=
Thread-topic: Windows Vista Power Management & Local Security Policy

You can't waste your time chasing things that "might lead to cats & dogs living 
together in sin".  Specifically, there's no "privilege escalation" beyond that 
which began with "if I install..."  It's pretty well understood that once you 
have the ability to place your own code on a machine, it's "game over".

Don'tet me wrong; I think it's quite valid for someone to report something they 
feel is a vuln; even (or maybe even especially) if they can't demonstrate an 
exploit based on it.  There have been plenty of reports herein and without that 
were actually proven by others.  This is one of the things that makes open 
discussion so valuable.

So far, no one has demonstrated an exploit that depends on this behavior 
_alone_.

Jim

________________________________________
From: James C. Slora Jr. [james.slora@xxxxxxxx]
Sent: Tuesday, July 22, 2008 8:15 AM
To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: RE: Windows Vista Power Management & Local Security Policy

So is this the bottom line?

This is a security mechanism bug that might lead to privilege escalation
for arbitrary user processes. The OP has left it for others to determine
exploitability.

References:
- Windows Vista Power Management & Local Security Policy
  - From: Abe Getchell
- RE: Windows Vista Power Management & Local Security Policy
  - From: Jim Harrison
- RE: Windows Vista Power Management & Local Security Policy
  - From: Abe Getchell
- RE: Windows Vista Power Management & Local Security Policy
  - From: Thor (Hammer of God)
- RE: Windows Vista Power Management & Local Security Policy
  - From: Abe Getchell
- RE: Windows Vista Power Management & Local Security Policy
  - From: Jim Harrison
- RE: Windows Vista Power Management & Local Security Policy
  - From: Abe Getchell
- RE: Windows Vista Power Management & Local Security Policy
  - From: James C. Slora Jr.

Prev by Date: RE: Windows Vista Power Management & Local Security Policy
Next by Date: [ MDVSA-2008:152 ] - Updated wireshark packages fix denial of service vulnerability
Previous by thread: RE: Windows Vista Power Management & Local Security Policy
Next by thread: RE: Windows Vista Power Management & Local Security Policy
Index(es):
- Date
- Thread