lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 4 Nov 2008 17:39:25 -0500
From: Jim Paris <jim@...n.com>
To: bugtraq@...urityfocus.com
Subject: Applications can open up remote root access on G1 Phone

Hi,

Google Android applications on the T-Mobile G1 can spawn a telnetd
that gives remote root access to your phone:

http://www.android-unleashed.com/2008/11/howto-get-root-on-your-android-g1-and.html

This particular method needs user interaction, but a rogue Android app
could easily run telnetd automatically.  Android apps are not normally
granted this sort of permission, and granting root is not supposed to
even be possible.

-jim

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ