Ver:
Proceso mediante el cual el usuario engaña al sistema para que le otorgue derechos no autorizados, usualmente con el propósito de comprometer o destruir el sistema.
http://www.alerta-antivirus.es/seguridad/ver_pag.html?tema=S
A privilege
escalation attack is a type of network intrusion that takes advantage of
programming errors or design flaws to grant the attacker elevated access to the
network and its associated data and applications.
http://searchsecurity.techtarget.com/
When a user
(particularly a malicious user) gains more access rights than they normally
have.
http://www.getsafeonline.org/
Almost every
computer program has some notion of "privilege" built in, meaning,
permission to do some set of actions on the system. This permission is granted
to individuals based on their ability to present proper credentials (for
example, a username and password). Privilege has levels -- for example, a guest
account typically has fewer privileges than an administrator account. Many
network attacks begin with an attacker obtaining limited privileges on a
system, then attempting to leverage those privileges into greater privileges
that might ultimately lead to controlling the system. Any attempt to gain
greater permissions illicitly (typically, by impersonating a privileged user or
otherwise bypassing normal authentication) is considered an elevation of
privilege.
http://www.watchguard.com/glossary/
is the act of
exploiting a bug in an application to gain access to resources which normally
would have been protected from an application or user. The result is that the
application performs actions with a higher security context than intended by
the application developer or system administrator.
http://en.wikipedia.org/wiki/Privilege_escalation
Temas relacionados