Full Disclosure mailing list archives

Re: Shoe 1.0 - Remote Lace Overflow
From: "Alex V. Lukyanenko" <y_avenger_y () ua fm>
Date: Fri, 24 Dec 2004 10:34:44 +0200

I understand the concept of Funn-Disclosure, but did you contact all
the affected vendors and wait at least one week for initial response?

Alex V. Lukyanenko | 86195208 () icq | y_avenger_y () ua fm

Wednesday, December 22, 2004, 6:20:45 PM, you wrote:

a0o>  Shoe 1.0 - Remote Lace Overflow
a0o>  --------------------------------------------

a0o>  This Vulnerability is in reference to the new class of remote vulnerabilities
a0o>  indicated in: 
a0o> http://www.securityfocus.com/archive/1/385078/2004-12-19/2004-12-25/2
a0o>  [Please read that first] 

a0o>  Discovery Credited To:
a0o>  ----------------------
a0o>    freshman - 0x90.org
a0o>    wxs      - 0x90.org
a0o>    txs      - 0x90.org

a0o>  Greets:
a0o>  -------
a0o>  Jonathan T. Rockway for being the smartest man alive.

a0o>  Description:
a0o>  ------------
a0o>  A remote shoe vulnerability exists that could allow for remote tripping and
a0o>  possible exposure of sensitive data to the pavement.

a0o>  Scope:
a0o>  ------
a0o>  REMOTE

a0o>  Severity:
a0o>  ---------
a0o>  Hyper-Critical. This needs no explanation.

a0o>  Vulnerability:
a0o>  --------------
a0o>  Failure to properly tie your shoe could result in tripping and a possible
a0o>  broken face upon sudden deceleration when hitting the pavement.

a0o>  Vulnerable Sizes: 
a0o>  -----------------
a0o>  6 through 13. Other sizes may be vulnerable, but were unavailable for testing.

a0o>  Exploitation:
a0o>  -------------
a0o>  You have a 100% secure walking system - you do not fall down, or trip over
a0o>  your own laces.  A remote attacker could determine your shoe size by reading
a0o>  your livejournal FROM THE NETWORK and could MAIL YOU a shoe with extra long
a0o>  laces.  You put the shoe on without tying it properly and suddenly are exposed
a0o>  to a REMOTE shoe vulnerability!

a0o>  Fix:
a0o>  ----
a0o>  Do not wear untrusted shoes sent to you. Other possible workarounds include
a0o>  sandals (aka. flip-flops). These are a good work-around and are widely
a0o>  available for those concerned about their security. 

a0o>  Vendor Notification:
a0o>  --------------------
a0o>  Vendors were not notified at the time of this writing.  We have chosen not to
a0o>  give advance notice because the fault is not always with the vendor of the
a0o>  shoe as a REMOTE PERSON could SNAIL MAIL a LOCAL USER a  vulnerable shoe.

a0o>  We at 0x90.org believe that the users should be happy they were notified about
a0o>  this.  Imagine the mass destruction and chaos that would ensue if we unleashed
a0o>  a REMOTE SHOE VULNERABILITY WORM into the wild.  At this time we have chosen
a0o>  not to do that, mostly because we can not afford all the stamps to mail
a0o>  vulnerable shoes to the public.

a0o> _______________________________________________
a0o> Full-Disclosure - We believe in it.
a0o> Charter: http://lists.netsys.com/full-disclosure-charter.html
