| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <c83481820901300005s7ae301a6mae88538de1120361@mail.gmail.com> Date: Fri, 30 Jan 2009 03:05:00 -0500 From: Jeremy Brown <0xjbrown41@...il.com> To: full-disclosure@...ts.grok.org.uk Subject: Re: Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control Forget cats, watch out for the ligers! On Fri, Jan 30, 2009 at 2:50 AM, Nancy Kramer <nekramer@...dtheater.net> wrote: > Another cat not carrying prey would also work well. Lots of stray cats > like to come in when it is cold so this could very likely happen. The cat > the device was bought for could also attract other cats that would follow > it into the house. Some cats are quite social and have "friends". This > should maybe be called cat spoofing as the cat this device was intended for > is not the cat getting entry. > > Lots of fun finding strange cats in your house at 3AM. Note; Cats tend to > be nocturnal. You don't need any kind of high tech device for this. Just > open the door for your cat and others may come in. Cats are fast so it is > hard to keep them out. Besides they are awake and you are probably NOT. > > Been there done that. > > Regards, > > Nancy Kramer > > > > > > At 06:04 PM 1/29/2009, hack ery wrote: > >>Security Risk: High >>Exploitable: Local >>Vulnerability: Arbitrary Flow Control Control, Cat Spoofing >>Discovered by: The Hackery Channel >>Tested: No >> >>The Flow Control project is an access control project for a cat. It >>consists of a cat door, an electromagnetic latch, a access control device, >>and image recognition software that allows Flow to enter the house, and >>only when she is not carrying prey. When Flow is within proximity of the >>door, she passes through a light that casts a shadow on an area monitored >>by a camera. If the silouhette, appears to be Flow without prey, access >>is granted. >> >>Cat Spoofing: An attacker could potentially gain access by posing as a >>kitty by placing a cut out of the kitty next to the light. >> >>Mitigation: None. >>Work around: Guard dog >>Vendor Notified: No >>Vendor Site: >><http://www.quantumpicture.com/Flo_Control/flo_control.htm>http://www.quantumpicture.com/Flo_Control/flo_control.htm >>_______________________________________________ >>Full-Disclosure - We believe in it. >>Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>Hosted and sponsored by Secunia - http://secunia.com/ >> >>No virus found in this incoming message. >>Checked by AVG. >>Version: 7.5.552 / Virus Database: 270.10.15/1924 - Release Date: >>1/29/2009 5:57 PM > > > -- > No virus found in this outgoing message. > Checked by AVG. > Version: 7.5.552 / Virus Database: 270.10.15/1924 - Release Date: 1/29/2009 5:57 PM > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists