From: etomcat at freemail.hu (Feher Tamas)
Subject: Britannia Security Advisory 001-2004 version 1.0

Britannia Security Advisory 001-2004 version 1.0

Attack described:
Valid input at vulnerable ports can result in loss of system integrity.

Vulnerable systems:
Operating system: Microsoft
Hardware: William H. Gates III

Attack method: small natural variations in regular operation of legacy 
systems may result in data transfer vector hitting incorrect port on 
vulnerable host.

Requirements:
Only particular legacy systems can act as attack source.
Vendor: Windsor (formerly Saxe-Coburg-Gotha)
Model: QE2 revision 1926

Attack data packet (Label:Offset) KBE:1917
Specific packet data in ASCII format follows:
"Knight Commander of the Most Excellent Order of the British Empire"

Vector: Sword
Symptoms: Loss of systems integrity, ear falls off.


Mitigation strategies:

Proactive:
a., Replace attacker.
Prior consultation recommended, see: Rumsfeld, Donald
Pro: Some Irish guys will thank you
Con: High costs, popular resistance, media fallout needs be considered

b., Hire "set a thief to catch a chief" whitehat with prior blackhat 
experience in such ear attacks to evaluate risks and assess defensive 
methods. See: Simon "Kefas The Stone" Peter
Pro: documented to work
Con: most vendors refuse to deal with ex black-hats,
named consultant a known liar.

c., Physical protection of the vulnerable system recommended. See:
http://money.cnn.com/2004/01/26/technology/gates_knight.reut/gates_knight2.03.jpg


Reactive:
a., Apply patches and cover damages with insurance policy. Forensics
almost never required, but surgery can restore systems integrity
up to 90-95%.

b., Hire consultant with prior experience in similar environment, who
advises on mitigating long-term effects of said systems integrity breach.
See: Lauda, Niki, Formula 1, Champion, Three times.

c., Whitehat already mentioned under paragraph "Proactive / b." may
contract a specialist, who is certified to restore ears integrity 100%.

Pro: Successful transaction can result in reception of further input
values. See: beatification, canonization, sainthood

Con: May require prior consultation with a joint Polish-Italian competitor
by the brand name JPII. May require changing vendor to a JPII 
recommended supplier, which can result in loss of original input data, 
due to vendor incompatibility between the attacker and 3rd party 
consultant.

End of security advisory 001-2004-version 1.0

*************************************************

Consumer version of security bulletin available at:
http://newsvote.bbc.co.uk/mpapps/pagetools/print/news.bbc.co.uk/2/hi/uk_news/3428673.stm

Last modified: 26/01/2004 16:35GMT 8-)


