Comment by hackernudes
15 hours ago
I've read many CVEs (somehow that acronym is ok... heh) but have never seen LPE despite being familiar with the concept.
15 hours ago
I've read many CVEs (somehow that acronym is ok... heh) but have never seen LPE despite being familiar with the concept.
That seems literally borderline impossible.
I think they've almost certainly seen it written out, just not as an acronym. I figured out what it stood for based on context and knowing the full phrase, but I don't recall actually seeing the LPE acronym in recent memory. Whereas with CVE it's the opposite: I almost never see it written out, and even now find it non-obvious what the E stands for, bizarrely enough.
You should re-evaluate your probabilities, I too have heard frequently of CVEs, but never of an LPE.
I'm sure lots of people have heard of CVEs, but have you actually read many? LPE is an extremely common term. It's like not knowing RCE. These are the terms used.
3 replies →
I could see it for someone who is only somewhat in tune with security work today.
Back in the day those of us breaking into shitty php sites didn't use LPE, we used "privesc", IIRC.