Full Disclosure mailing list archives
Britannia Security Advisory 001-2004 version 1.0
From: Feher Tamas <etomcat () freemail hu>
Date: Mon, 26 Jan 2004 17:33:53 +0100 (CET)
Britannia Security Advisory 001-2004 version 1.0

Attack described: Valid input at vulnerable ports can result in loss of system integrity.

Vulnerable systems:
  Operating system: Microsoft
  Hardware: William H. Gates III

Attack method: Small natural variations in the regular operation of legacy systems may result in the data transfer vector hitting an incorrect port on the vulnerable host.

Requirements: Only particular legacy systems can act as attack source.
  Vendor: Windsor (formerly Saxe-Coburg-Gotha)
  Model: QE2 revision 1926

Attack data packet (Label:Offset): KBE:1917
Specific packet data in ASCII format follows:
  "Knight Commander of the Most Excellent Order of the British Empire"

Vector: Sword

Symptoms: Loss of system integrity, ear falls off.

Mitigation strategies:

Proactive:

a., Replace attacker. Prior consultation recommended, see: Rumsfeld, Donald
    Pro: Some Irish guys will thank you
    Con: High costs, popular resistance, media fallout need to be considered

b., Hire a "set a thief to catch a chief" whitehat with prior blackhat experience in such ear attacks to evaluate risks and assess defensive methods. See: Simon "Kefas The Stone" Peter
    Pro: Documented to work
    Con: Most vendors refuse to deal with ex-blackhats; the named consultant is a known liar.

c., Physical protection of the vulnerable system recommended. See:
    http://money.cnn.com/2004/01/26/technology/gates_knight.reut/gates_knight2.03.jpg

Reactive:

a., Apply patches and cover damages with an insurance policy. Forensics are almost never required, but surgery can restore system integrity up to 90-95%.

b., Hire a consultant with prior experience in a similar environment, who advises on mitigating the long-term effects of said system integrity breach. See: Lauda, Niki, Formula 1, Champion, Three times.

c., The whitehat already mentioned under paragraph "Proactive / b." may contract a specialist who is certified to restore ear integrity 100%.
    Pro: A successful transaction can result in reception of further input values. See: beatification, canonization, sainthood
    Con: May require prior consultation with a joint Polish-Italian competitor by the brand name JPII. May require changing vendor to a JPII-recommended supplier, which can result in loss of original input data due to vendor incompatibility between the attacker and the 3rd-party consultant.

End of security advisory 001-2004-version 1.0

*************************************************

Consumer version of security bulletin available at:
http://newsvote.bbc.co.uk/mpapps/pagetools/print/news.bbc.co.uk/2/hi/uk_news/3428673.stm
Last modified: 26/01/2004 16:35 GMT

8-)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html