| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 29 Jan 2009 17:04:53 -0600
From: hack ery <hackery.channel@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Hackery Channel 01-09-01-LOLZ: Cat Spoofing
against Flow Control
Security Risk: High
Exploitable: Local
Vulnerability: Arbitrary Flow Control Control, Cat Spoofing
Discovered by: The Hackery Channel
Tested: No
The Flow Control project is an access control project for a cat. It
consists of a cat door, an electromagnetic latch, a access control device,
and image recognition software that allows Flow to enter the house, and only
when she is not carrying prey. When Flow is within proximity of the door,
she passes through a light that casts a shadow on an area monitored by a
camera. If the silouhette, appears to be Flow without prey, access is
granted.
Cat Spoofing: An attacker could potentially gain access by posing as a
kitty by placing a cut out of the kitty next to the light.
Mitigation: None.
Work around: Guard dog
Vendor Notified: No
Vendor Site: http://www.quantumpicture.com/Flo_Control/flo_control.htm
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists