> um ... doesn't that make it a *remote* privilege escalation ?
in a certain way... you're right... although that requires the user complicity, strictly speaking, you're right. The guy who would manage to remotely root a box with that vulnerability would be really good. The real serious risk is local only. (think about all that unpatched linux boxes in the universities...) Cheers, -- Raphaƫl Marichez aka Falco
pgpky8o3NaYgL.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
