[Info-vax] VSI strategy for OpenVMS
Arne Vajhøj
arne at vajhoej.dk
Fri Sep 17 19:03:17 EDT 2021
On 9/17/2021 2:09 PM, Simon Clubley wrote:
> On 2021-09-17, Arne Vajhøj <arne at vajhoej.dk> wrote:
>> If they can insert and try execute x86-64 instructions then I would
>> expect that the same would be possible with Alpha instructions and
>> that it could work.
>
> Once they have learnt the Alpha architecture and compiled a cross
> assembler for Alpha. They will already know the x86-64 architecture
> and have an assembler to hand.
Sure.
But I would not let security depend on attackers being too lazy to
learn Alpha assembler.
>> The vulnerability needs to get identified and fixed.
>>
>> Actually executing some code looks super cool as a screenshot. But
>> it does not matter from a security perspective.
>>
>
> It most certainly does matter !!!!
>
> If it's a simple crasher, any data on the system cannot be accessed
> using it.
>
> If the researchers have turned it into a RCE vulnerability, then an
> attacker could have done the same against live sites and their data
> could now be compromised.
You do not seem to get it.
If they are able to insert and get executed x86-64 instructions
then they have proven that there is a RCE vulnerability that need
to be fixed.
That is what matters.
If they had inserted valid Alpha instructions then
they could have shown something actually being executed.
But the vulnerability does not go away by not being
demonstrated fully.
So it does not matter security wise.
The full demonstration looks cool in screenshots and
may be more efficient to convince the PHB that there
is a vulnerability. But technically it is not required.
Arne
More information about the Info-vax
mailing list