Open Source and information security mailing list archives
 
Message-ID: <200209192024.g8JKOZx54613@mailserver4.hushmail.com>
From: empirical at hushmail.com (empirical@...hmail.com)
Subject: Empirical Security Advisory: Otis Elevator Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

EMPIRICAL SECURITY ADVISORY 0x01

Product: Otis Elevator 12 Passenger, 2000lbs Model

Summary:
A resource consumption attack exists in Otis elevators that could lead to potential denial of service.

Background
So, the other night, I'm out at the pub with the boys drinking a few pints.  One thing leads to another, and we're hitting on fat chicks.  I end up taking one home with me.  So, on the way home, I decide I'm going to stick her in the rear, and we stop at the grocery to pick up some Crisco.

Now, allow me to reiterate.  This girl was BIG.  The top of her arm looked like the top of my thigh.

So, we get back to my apartment building and start the long elevator ride to my 36th floor (penthouse) level apartment.  During the ride, the elevator engine burns out from hauling this girl up, and we end up trapped in the elevator for hours.

Man, it was great.  We did it in every position we could.  When this girl got moving, you could hear the elevator emergency brake groan, and the tension on the elevator cables.

Then, I got tired of it, and greased her up with the Crisco, and played a few games of "Wrestle The Greased Pig."  She'd run around the elevator, naked, greased up, and on all fours, and I'd have to try to catch her and hog-tie her with my shoelaces.  You should have seen the look on the firemen's faces when they opened the door of that car.

Vulnerability
The Otis 12 Passenger Elevator is designed to accommodate a total of 12 passengers, although you'd have to stack them like fucking corpses.  There's barely enough room for 6 people, unless you're either a heroin addict, or look like rfp.

In a building with greater than 12 floors, it is possible for an elevator user to select greater than 12 floors, although at any given time the maximum amount of occupants dictates that the elevator will make no more than 12 stops.  This leads to resource consumption, lost time, and being stuck on a fucking elevator between two fat sweaty people for several floors.

Mitigating Strategies
None.

Solution
Revise elevator firmware to prevent selection of more floors than maximum occupancy of elevator.
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com

wl4EARECAB4FAj2KMuUXHGVtcGlyaWNhbEBodXNobWFpbC5jb20ACgkQKZiWmX9gB9bB
HACeL2/74j04Wz1AFOXnfbtwAmjqSu4AnjKuRLRKWMaGNiwJPIs4bh2/4dQp
=LdjT
-----END PGP SIGNATURE-----



