Monday, September 06, 2004

Looking into buffer overflows

CAN-2004-0143 initially looked promising when I read the heading at pentest.co.uk. Unfortunately after reading the full advisory it becomes obvious that the vulnerability type has been mis-stated. It is actually a denial of service instead of a buffer overflow. Other references listed at the CVE list correctly list it as a denial of service.

This is not quite the automatic security-bypassing download vulnerability of which we have been warned. The main use would be in "finishing" the job after getting the malicious code past security in some as yet unknown fashion. Essentially an automatic reboot to enable a boot-loading component to gain control. Similar, recently, to Sasser, or much earlier to one or two older multipartite viruses. Regardless, an unwieldy attack.

Perhaps some of the StrongARM shellcode techniques may be more appropriate.

