bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random num
From: David Engster
Subject: bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems
Date: Tue, 29 Dec 2015 23:02:55 +0100
User-agent: Gnus/5.13001 (Ma Gnus v0.10) Emacs/24.5 (gnu/linux)

Richard Copley writes:
>>> [...]
>>
>> That's correct (it requires a Windows Server with enabled terminal
>> services), but each user session has of course its own process space, so
>> I don't see how the described attack could work there.
>
> Not sure what you mean by process space. As an unprivileged user
> you can find other users' Emacs processes without any effort (using
> tasklist.exe, for example). If you know on what port an Emacs server
> is listening (which is admittedly a difficulty), you can send bytes to it.
> I've just done so as an experiment. (I was driving both sessions so I
> knew the server port.)
You logged in with two different user accounts? I always thought
sessions from different users were better isolated from one another and
more similar to Linux containers. If that is not the case, then I agree
the attack scenario looks feasible.
-David