CERT mailing list archives

Current Activity - Energizer DUO USB Battery Charger Software Allows Remote System Access

From: Current Activity <us-cert () us-cert gov>
Date: Mon, 8 Mar 2010 10:55:26 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

Energizer DUO USB Battery Charger Software Allows Remote System Access

Original release date: March 8, 2010 at 10:26 am
Last revised: March 8, 2010 at 10:26 am


US-CERT is aware of a backdoor in the software for the Energizer DUO
USB battery charger. This backdoor may allow a remote attacker to list
directories, send and receive files, and execute programs on an
affected system. The software, which has been discontinued, was
available for both Windows and Apple Mac OS X versions. Only the
Windows version is affected by this vulnerability.

US-CERT encourages users and administrators to review Vulnerability
Note VU#154421 and apply the recommended solutions.

Relevant Url(s):
<http://www.kb.cert.org/vuls/id/154421>

====
This entry is available at
http://www.us-cert.gov/current/index.html#engergizer_duo_usb_battery_charger

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBS5UdXT6pPKYJORa3AQLK7gf8DXaY7utnvXZaiMxT/wZ3LPa4odOy+i1z
g91gUJzPXaaZtguEfkTwztsc7IZp4tu7omzrMf5GNjl6bj2Vkj4ujvwmPX3VVBhA
X/XAMFdCAXis1Pg9z77Y2BnvlAmqQysVGH+4OL7zPwyvXSJL2yOPXklno2w99Im2
kU00vmPuCyjOHXVwT4VxMCirnruDLcIhWF6PM9aT5lrMFN32GHFqlaOB2h5D3tOb
Ys+hd/jctlSvby6zNOIGCokAn9qv6GLaxUggtZWi5PWMABzz14YIxbagpjGwjjRf
FO0gkd+9WW52fheAegTtevGVZ8TdjhwLaifFxMHWW3FTh6oK8G4yrg==
=rnW/
-----END PGP SIGNATURE-----

Current thread:

Current Activity - Energizer DUO USB Battery Charger Software Allows Remote System Access Current Activity (Mar 08)