Bugtraq mailing list archives
Re: [SE-2011-01] Security vulnerabilities in a digital satellite TV platform
From: Security Explorations <contact () security-explorations com>
Date: Wed, 04 Jan 2012 02:34:53 +0100
On 1/4/2012 12:43 AM, Jann Horn wrote: Could this also be used in order to get access to a LAN from the outside, e.g. in order to manipulate ARP tables and thereby gain access to all unencrypted network traffic? Or is that usually impossible because of how the set-top box is connected?
We haven't verified whether local LAN could be sniffed or ARP tables of other
hosts manipulated. We focused on the ability to sniff http and https traffic originating from the set-top box as they were in particular interesting for us. And we did this sniffing at the middleware level by intercepting certain API calls, not at the OS/raw socket level.Taking into account set-top box's OS type and its available API interfaces, we expect that raw network access (listening for and sending raw TCP/IP packets)
should be however possible. Thanks. Best Regards, adam gowdiak
Current thread:
- [SE-2011-01] Security vulnerabilities in a digital satellite TV platform Security Explorations (Jan 03)
- Message not available
- Re: [SE-2011-01] Security vulnerabilities in a digital satellite TV platform Security Explorations (Jan 04)
- Message not available
- Re: [SE-2011-01] Security vulnerabilities in a digital satellite TV platform Security Explorations (Jan 09)