Alun Jones spouted this
> These are not vulnerabilities at all. This is how the SeDebugPrivilege is
> supposed to work.

No, it's not. This could be used for bypassing host-based IDS, for one thing. I think that's pretty useful from an attacker's point of view, no? There's quite a few products that try and protect the NT kernel from modification by hooking the SCM calls and NtSetSystemInformation (and \\device\physicalmemory of course) so that you can't load a .sys file. Also, this allows you to modify the kernel without having a .sys file, which is kinda cool. It's more informative than the 'gayer than aids' thread anyway.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
