Privilege escalation
Privilege escalation is the act of exploiting a bug in an application to gain access to resources that would normally be protected from that application or user. The result is that the application performs actions in a higher security context than the application developer or system administrator intended.
Privilege escalation examples
- Cross-zone scripting is a type of privilege escalation attack.
- A Microsoft Windows service is usually configured to run under the Local System account. A vulnerability, e.g. a buffer overflow or shell injection, may be used to execute arbitrary code with privileges elevated to Local System.
- In Unix it is not uncommon to have a few commands with suid root. A vulnerability, e.g. a buffer overflow or shell injection, may be used to execute arbitrary code with privileges elevated to root.
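Because every suid root command is a place where such a bug would yield root, administrators commonly keep an inventory of them. The following audit is an added example, not part of the original page; the baseline set, the sample paths and the function names are constructed for illustration.

```python
import os
import stat

def scan(root):
    """Yield (path, st_mode, st_uid) for every regular file under root."""
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: never follow symlinks
            except OSError:
                continue  # file vanished or is unreadable
            if stat.S_ISREG(st.st_mode):
                yield path, st.st_mode, st.st_uid

def audit_suid(entries, baseline, owner_uid=0):
    """Return sorted findings for set-uid files owned by owner_uid (root)."""
    findings = []
    for path, mode, uid in entries:
        if not (mode & stat.S_ISUID) or uid != owner_uid:
            continue  # not set-uid, or does not run as the audited owner
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            # Anyone who can rewrite the file controls what runs as root.
            findings.append((path, "writable-by-non-owner"))
        elif path not in baseline:
            # Unreviewed binary that executes with root privilege.
            findings.append((path, "not-in-baseline"))
    return sorted(findings)

# Constructed sample records: (path, mode, owner uid).
SAMPLE = [
    ("/usr/bin/passwd", 0o104755, 0),               # suid root, expected
    ("/usr/local/bin/backup-helper", 0o104755, 0),  # suid root, unreviewed
    ("/opt/tool/run", 0o104775, 0),                 # suid root, group-writable
    ("/usr/bin/ls", 0o100755, 0),                   # root-owned, not suid
    ("/home/u/a.out", 0o104755, 1000),              # suid, but not root
]
BASELINE = {"/usr/bin/passwd"}  # hypothetical reviewed allowlist

if __name__ == "__main__":
    # On a real host: audit_suid(scan("/usr"), BASELINE)
    for path, reason in audit_suid(SAMPLE, BASELINE):
        print(f"{reason:24} {path}")
```
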