Full Disclosure mailing list archives
Re: Apple iOS v6.1 (10B143) - Code Lock Bypass Vulnerability #2
From: Vulnerability Lab <research () vulnerability-lab com>
Date: Wed, 20 Feb 2013 02:58:12 +0100
Hey Kirils Solovjovs, the secound issue is different to the once reported some days ago to heise online. The heise online issue (reported by another person) for example allows with pressed button (only) to handle some of the functions like calls, voicemail, contacts like you see in the video. The secound issue allows you to bypass the code lock by using the screenshot function which results in a blackscreen with the blue standard template status bar. Attackers do not need to hold any button or call the emergency itself to bypass the login. So why should i report an issue of another researcher? The combo to use it and the reproduce is totally different. I do not know him and decided to drop my bug also after waiting 4 month. His issue was reported 1 year ago and i like + respect it. Thats all. ;) After Jerookie flamed around we also droped a message on twitter to make sure both issues are different. It is the same bullshit he did when we released the skype bug and msrc confirmed we have a seperate one. Thats all ~bye -- VULNERABILITY RESEARCH LABORATORY LABORATORY RESEARCH TEAM CONTACT: research () vulnerability-lab com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Apple iOS v6.1 (10B143) - Code Lock Bypass Vulnerability #2 Vulnerability Lab (Feb 17)
- Re: Apple iOS v6.1 (10B143) - Code Lock Bypass Vulnerability #2 Julius Kivimäki (Feb 18)
- Re: Apple iOS v6.1 (10B143) - Code Lock Bypass Vulnerability #2 andfarm (Feb 18)
- Re: Apple iOS v6.1 (10B143) - Code Lock Bypass Vulnerability #2 Kirils Solovjovs (Feb 18)
- <Possible follow-ups>
- Re: Apple iOS v6.1 (10B143) - Code Lock Bypass Vulnerability #2 Vulnerability Lab (Feb 19)