Can I ask how a “local exploit” would be a risk factor if combined by a “remote exploit” on a web server? Take the website running on the server out the equation, the server is running IIS and say server 2003. Can you explain to me in management terms how
a) a remote exploit would put an attacker in the position to attack the “local exploit”, i.e. what type of “remote vulnerabilities” would get them in a position to attack the local on a typical web server.
b) the types of local exploit that would need to be checked (I am assuming OS patches, local accounts/weak passwords would be the 2 obvious ones, but are there any more? )
If you could put this in the context of apache web server running ubuntu as OS, or an IIS web server running on Windows 2003 server that would help me no end.