From the course: CompTIA CySA+ (CS0-002) Cert Prep: 2 Vulnerability Management (2020)
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Privilege escalation
From the course: CompTIA CySA+ (CS0-002) Cert Prep: 2 Vulnerability Management (2020)
Privilege escalation
- [Instructor] Software developers must take care to write code that is not susceptible to privilege escalation attacks. Escalation of privilege attacks seek to take normal user accounts and transform them into accounts with administrative rights. This can be especially dangerous on systems that have external exposure allowing someone on the internet to take control of a server. Privilege escalation vulnerabilities often arise as a result of buffer overflow issues or other security vulnerabilities in code that allow an end user to execute arbitrary instructions on the server. When the end user gets access to the underlying operating system, he or she can take advantage of privilege escalation vulnerabilities to leverage that access into administrative privileges. There are some basic mitigation strategies that developers and operations teams can take to reduce the likelihood of privilege escalation attacks. First…
Contents
-
-
-
-
-
-
-
-
(Locked)
OWASP (Open Web Application Security Project)5m 24s
-
(Locked)
Preventing SQL injection5m 29s
-
(Locked)
Understanding cross-site scripting6m 38s
-
(Locked)
Privilege escalation2m 14s
-
(Locked)
Directory traversal3m 16s
-
(Locked)
Race conditions2m 39s
-
(Locked)
Dereferencing NULL pointers2m 33s
-
(Locked)
Third-party code5m 40s
-
(Locked)
Interception proxies5m 22s
-
(Locked)
-
-
-