Privilege escalation
From Wikipedia, the free encyclopedia
Privilege escalation is the act of exploiting a bug in an application to gain access to resources which normally would have been protected from an application or user. The result is that the application performs actions with a higher security context than intended by the application developer or system administrator.
Privilege escalation occurs when an application with high privileges has flawed assumptions about how it will be used.
Privilege escalation also occurs in web applications in two forms:
1) Vertical Privilege Escalation - where a lower privilege user accesses functions or content reserved for higher privilege users (e.g. Internet Banking User A accesses Administrator functions); and
2) Horizontal Privilege Escalation (more commonly known as Cross-calation) - where a normal user accesses functions or content reserved for other normal users (e.g. Internet Banking User A accesses the Internet bank account of User B).
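The two web-application forms above, as an added example that is not part of the article: an Internet-banking style account service reduced to plain Python functions standing in for HTTP handlers. The in-memory user/account store and every name (User, Account, Forbidden, view_account, list_all_accounts, allowed) are constructed for illustration. The vulnerable handlers authenticate the requester but never authorize the request; the hardened ones decide access from the server's own ownership and role records rather than from identifiers the client supplies.

```python
"""Vertical and horizontal privilege escalation in a web application.

Added example, not from the article: an Internet-banking style account
service reduced to plain Python functions standing in for HTTP handlers.
The user/account store and every name here (User, Account, Forbidden,
view_account, ...) are constructed for illustration.
"""
from dataclasses import dataclass
from typing import Callable, List


class Forbidden(Exception):
    """The requester is not authorized for the requested object or function."""


@dataclass(frozen=True)
class User:
    user_id: int
    role: str  # "user" or "admin"


@dataclass(frozen=True)
class Account:
    account_id: int
    owner_id: int
    balance: int


# Constructed sample data: User A (1), User B (2) and one administrator (3).
USERS = {1: User(1, "user"), 2: User(2, "user"), 3: User(3, "admin")}
ACCOUNTS = {
    100: Account(100, owner_id=1, balance=500),
    200: Account(200, owner_id=2, balance=900),
}


# --- Vulnerable handlers: authenticated, but never authorized --------------

def vulnerable_view_account(requester_id: int, account_id: int) -> Account:
    """Horizontal escalation: the account id comes from the client and the
    handler never checks that the requester owns it, so User A can read
    User B's account simply by changing the id in the request."""
    return ACCOUNTS[account_id]


def vulnerable_list_all_accounts(requester_id: int) -> List[Account]:
    """Vertical escalation: an administrator-only function reachable by any
    logged-in user because no role check is performed."""
    return list(ACCOUNTS.values())


# --- Hardened handlers: decide access from server-side state ---------------

def require_user(requester_id: int) -> User:
    user = USERS.get(requester_id)
    if user is None:
        raise Forbidden("unknown user")
    return user


def view_account(requester_id: int, account_id: int) -> Account:
    """Ownership is taken from the server's own record, never from the request.
    Missing and foreign accounts get the same error so the response does not
    reveal which account ids exist."""
    user = require_user(requester_id)
    account = ACCOUNTS.get(account_id)
    if account is None or (account.owner_id != user.user_id and user.role != "admin"):
        raise Forbidden("account not accessible")
    return account


def list_all_accounts(requester_id: int) -> List[Account]:
    """Role check enforced on the server for the administrative function."""
    user = require_user(requester_id)
    if user.role != "admin":
        raise Forbidden("admin role required")
    return list(ACCOUNTS.values())


def allowed(handler: Callable, *args) -> bool:
    """True if the handler grants the request, False if it raises Forbidden."""
    try:
        handler(*args)
        return True
    except Forbidden:
        return False


if __name__ == "__main__":
    # User A (id 1) asking for User B's account (id 200):
    print("vulnerable, horizontal:", allowed(vulnerable_view_account, 1, 200))  # True
    print("hardened,   horizontal:", allowed(view_account, 1, 200))             # False
    # User A invoking the admin-only listing:
    print("vulnerable, vertical:  ", allowed(vulnerable_list_all_accounts, 1))  # True
    print("hardened,   vertical:  ", allowed(list_all_accounts, 1))             # False
```

The hardened `view_account` returns the same error for a non-existent account and for another user's account; distinguishing the two would let a caller enumerate which account ids exist, which is a small information leak that often precedes the horizontal case above.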
In some cases a high-privilege application assumes that it will only be provided with input that matches its interface specification, and doesn't validate the input. An attacker may then be able to exploit this assumption so that unauthorized code is run with the application's privileges:
- A Windows service is usually configured to run under the Local System user account. A vulnerability such as a buffer overflow may be used to execute arbitrary code with privilege elevated to Local System.
- In certain versions of the Linux kernel it was possible to write a program that would set its current directory to /etc/cron.d, request that a core dump be performed in case it crashed, and then have itself killed by another process. The core dump file would have been placed in the program's current directory, that is, /etc/cron.d, and cron would have treated it as a text file instructing it to run programs on schedule. Because the contents of the file would be under the attacker's control, the attacker would be able to execute any program with root privileges. [1]
- Cross Zone Scripting is a type of privilege escalation attack in which a website subverts the security model of web browsers so that it can run malicious code on client computers.
There are also situations where an application can use other high privilege services and has incorrect assumptions about how a client could manipulate its use of these services:
- An application that can execute command-line or shell commands could have a shell injection vulnerability if it uses unvalidated input as part of an executed command. An attacker would then be able to run system commands with the application's privileges.
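The shell injection case above, as an added example that is not from the article: a command wrapper that interpolates client input into a shell command string, beside two hardened forms. `echo` stands in for whatever privileged command the application wraps, so the example runs anywhere with /bin/sh; the function names (vulnerable_lookup, safe_lookup, quoted_lookup, accepted) and the hostname allowlist rule are constructed for illustration.

```python
"""Shell injection through unvalidated input, beside two hardened forms.

Added example, not from the article. `echo` stands in for whatever
privileged command the application wraps, so the example runs anywhere
with /bin/sh; the function names and the hostname rule are constructed.
"""
import re
import shlex
import subprocess

# Allowlist for the only kind of value this command is supposed to receive:
# hostname characters, nothing that the shell or the command could interpret.
HOSTNAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9.-]{0,252}")


def vulnerable_lookup(host: str) -> str:
    """Concatenates the client's value into a command string run by /bin/sh.
    Shell metacharacters in `host` (; | & $( ) backticks, newlines) are
    parsed as commands, which then run with this process's privileges."""
    proc = subprocess.run(f"echo lookup {host}", shell=True,
                          capture_output=True, text=True)
    return proc.stdout


def validate_hostname(host: str) -> str:
    """Reject anything outside the allowlist before it reaches a command."""
    if not HOSTNAME_RE.fullmatch(host):
        raise ValueError(f"rejected input: {host!r}")
    return host


def safe_lookup(host: str) -> str:
    """Hardened: validated value passed as one element of an argument vector.
    No shell is involved, so `host` can only ever be a single literal argument."""
    host = validate_hostname(host)
    proc = subprocess.run(["echo", "lookup", host],
                          capture_output=True, text=True, check=True)
    return proc.stdout


def quoted_lookup(host: str) -> str:
    """Fallback when a shell is unavoidable: shlex.quote() turns the value into
    one single-quoted word, so metacharacters are passed through literally."""
    proc = subprocess.run(f"echo lookup {shlex.quote(host)}", shell=True,
                          capture_output=True, text=True, check=True)
    return proc.stdout


def accepted(host: str) -> bool:
    """True if the hardened handler processes `host`, False if validation rejects it."""
    try:
        safe_lookup(host)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    payload = "example.com; echo INJECTED"   # constructed input containing a command separator
    print(repr(vulnerable_lookup(payload)))  # second command ran: 'lookup example.com\nINJECTED\n'
    print(repr(quoted_lookup(payload)))      # one literal argument: 'lookup example.com; echo INJECTED\n'
    print(accepted(payload), accepted("example.com"))  # False True
```

Of the two hardened forms, the argument-vector one is preferable: it removes the shell from the path entirely, so there is no quoting to get wrong, and the allowlist check additionally keeps values the underlying command itself might misinterpret (such as option-looking strings) out of the argument list.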