[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Shoe 1.0 - Remote Lace Overflow

To: announce@xxxxxxxx
Subject: Re: [Full-Disclosure] Shoe 1.0 - Remote Lace Overflow
From: "Alex V. Lukyanenko" <y_avenger_y@xxxxx>
Date: Fri, 24 Dec 2004 10:34:44 +0200

Hello.
I understand the concept of Funn-Disclosure, but did you conact all
the affected vendors and wait at least one week for initial response?

-- 
Alex V. Lukyanenko | 86195208@icq | y_avenger_y@xxxxx



Wednesday, December 22, 2004, 6:20:45 PM, you wrote:

a0o>  Shoe 1.0 - Remote Lace Overflow
a0o>  --------------------------------------------

a0o>  This Vulnerability is in reference to the new class of remote 
vulnerabilities
a0o>  indicated in: 
a0o> 
a0o> http://www.securityfocus.com/archive/1/385078/2004-12-19/2004-12-25/2
a0o>  [Please read that first] 

a0o>  Discovery Credited To:
a0o>  ----------------------
a0o>    freshman - 0x90.org
a0o>    wxs      - 0x90.org
a0o>    txs      - 0x90.org

a0o>  Greets:
a0o>  -------
a0o>  Jonathan T. Rockway for being the smartest man alive.

a0o>  Description:
a0o>  ------------
a0o>  A remote shoe vulnerability exists that could allow for remote tripping 
and
a0o>  possible exposure of sensitive data to the pavement.

a0o>  Scope:
a0o>  ------
a0o>  REMOTE

a0o>  Severity:
a0o>  ---------
a0o>  Hyper-Critical. This needs no explanation.

a0o>  Vulnerability:
a0o>  --------------
a0o>  Failure to properly tie your shoe could result in tripping and a possible
a0o>  broken face upon sudden deceleration when hitting the pavement.

a0o>  Vulnerable Sizes: 
a0o>  -----------------
a0o>  6 through 13. Other sizes may be vulnerable, but were unavailable for 
testing.

a0o>  Exploitation:
a0o>  -------------
a0o>  You have a 100% secure walking system - you do not fall down, or trip over
a0o>  your own laces.  A remote attacker could determine your shoe size by 
reading
a0o>  your livejournal FROM THE NETWORK and could MAIL YOU a shoe with extra 
long
a0o>  laces.  You put the shoe on without tying it properly and suddenly are 
exposed
a0o>  to a REMOTE shoe vulnerability!

a0o>  Fix:
a0o>  ----
a0o>  Do not wear untrusted shoes sent to you. Other possible workarounds 
include
a0o>  sandals (aka. flip-flops). These are a good work-around and are widely
a0o>  available for those concerned about their security. 

a0o>  Vendor Notification:
a0o>  --------------------
a0o>  Vendors were not notified at the time of this writing.  We have choosen 
not to
a0o>  give advance notice because the fault is not always with the vendor of the
a0o>  shoe as a REMOTE PERSON could SNAIL MAIL a LOCAL USER a  vulnerable shoe.

a0o>  We at 0x90.org believe that the users should be happy they were notified 
about
a0o>  this.  Imagine the mass destruction and chaos that would ensue if we 
unleashed
a0o>  a REMOTE SHOE VULNERABILITY WORM into the wild.  At this time we have 
choosen
a0o>  not to do that, mostly because we can not afford all the stamps to mail
a0o>  vulnerable shoes to the public.


a0o> _______________________________________________
a0o> Full-Disclosure - We believe in it.
a0o> Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Shoe 1.0 - Remote Lace Overflow
  - From: announce

Prev by Date: Re: [Full-Disclosure] Cross-Site Scripting - an industry-wide problem
Next by Date: Re: [Full-Disclosure] This sums up Yahoo!s security policy to a -T-
Previous by thread: [Full-Disclosure] Shoe 1.0 - Remote Lace Overflow
Next by thread: Re: [Full-Disclosure] Shoe 1.0 - Remote Lace Overflow
Index(es):
- Date
- Thread