Yes, I believe I have a way to attack a mainframe system where I don't
have access.
Ray Overby
Key Resources, Inc.
Ensuring System Integrity for z/Series™
www.zassure.com
(312)574-0007
On 3/28/2012 02:03 AM, Elardus Engelbrecht wrote:
Ray Overby wrote:
I am a vendor so take my post with a grain of salt. For those that don't like
vendors to respond stop reading now...... (flame on)
I will take your post seriously. I have reviewed you webpage. Very interesting.
You confirmed what I suspected, especially after those threads about [mis]use
of SVC.
One question if you don't mind please:
Can you use or prove your point (elevating TSO, suppress SMF, etc) without
being given access to a system in the first place? The idea is that you could
enter a system and elevate yourself and place somewhere a signature to prove
that you could 'white hack' the target system.
Just a yes or no, please, because I realize that due to the nature not too much
info can be divulged.
The ESM products did not stop the TSO user from exploiting this vulnerability.
Very true. ESM is just a database.
As said many times on RACF-L, it is the caller which call ESM, the ESM decides
on what is found in its own database and report back with RC=0/4/8 plus reason
codes.
It is up to the whatever caller to honour the RC from an ESM.
If you are not concerned that your users can crash your z/OS system at any time
(maliciously or accidentally)
As I have said, it is the INSIDER who are probably the greatest threat.
Groete / Greetings
Elardus Engelbrecht
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN