search for: lpes

...ans. ?L? = ?local?, meaning you are logged-in interactively to the server, or have the ability to execute arbitrary commands remotely, which comes to the same thing. The only way Apache can be used in conjunction with an LPE to provide root access is via something like Shellshock. I?m not saying LPEs, remote shell attacks, and arbitrary command execution vulnerabilities do not exist. I?m pointing out that each of these classes of vulnerabilities are rare on their own, and rare times rare equals scarce. There?s no such thing as absolute security. There is only better and worse; somewhere alon...

On Wed, Feb 4, 2015 at 6:32 PM, Warren Young <wyml at etr-usa.com> wrote: > >>> Most such vulns are against Apache, PHP, etc, which do not run as root. >> >> Those are common. Combine them with anything called a 'local >> privilege escalation' vulnerability and you've got a remote root >> exploit. > > Not quite. An LPE can only be used

Hi All, I''m a RoR n00b that has been lurking for a week or so. About two weeks ago I bought the text version of Agile Web Development with Rails. Today, I bought the .pdf version because I run a Sony Notebook and find a .pdf more user friendly. Therefore I have the text to give away for free. If anyone in the continental US would like the copy please let me know and I''ll mail it