We're painting with a broad brush, but this is still a useful simplification for the sake of discussion.

These are all kinds of security problems. What's being described is what kind of privileges the attacker A had on computer C at the outset, and what kind of privileges A ended up with on C after the attack.

  • remote root - Here A starts with no access to C, and ends up with root access directly; they can do anything they want on C with no extra steps.
  • remote nonroot - Here A starts with no access to C, and ends up with relatively limited access directly; they can run shell commands for example, but they don't have full control of the machine. However, remote nonroot allows an attacker to try a large number of local root exploits to effectively promote this to remote root - it just takes longer.
  • local root - A starts with an account on C, and ends up with full access to C; they can do anything they want with no extra steps.
  • local nonroot - A starts with an account on C, and ends up with greater access to C, but not full, complete access to C, as would be the case with local root. This sometimes makes it even easier to get to local root.
  • remote DOS - Here A has no account on C at the outset, and ends up with no greater access. However, A has prevented users of C from being able to use C for something it should be able to do. For example, A might cause a web server daemon to die, preventing users from being able to access web pages served by C, or A might cause a daemon to inhale so much virtual memory that C is run out of swap space and becomes unusable for all purposes until rebooted.
  • local DOS - Here A has an account on C, and uses that account to prevent others from being able to access services provided by C. local DOS attacks are very easy in the computer world; for example, anyone with an account on a unix or linux computer can easily run a malloc bomb, which quickly runs the machine out of virtual memory. Hence, any time you give someone an account, you are granting a level of trust to that person, assuming they will act responsibly.