PeeOnRug(), ShoeChew(), KillTheCat() and AttackOwnersGenitals() - I was rolling on the floor! :)) 23.12.03 01:16  Views: 2089
Author: Sandy <Alexander Stepanov> Status: Elderman
<humor>
Sony, Inc. "AIBO" Entertainment Robot. 23.12.03 01:08  
Author: + <Mikhail> Status: Elderman
To: BugTraq
Subject: CERT Advisory CA-2000-69
Date: Mon Jul 10 2000 04:00:16
Author: Jamie Rishaw
Message-ID: <20000710160016.A24976@next.hway.net>

CERT Advisory CA-2000-69 AIBO Authentication Algorithm Corruption Vulnerability

Original Release Date: July 10, 2000
Last Revised: --
Source: CERT/CC

A complete revision history is at the end of this file.

Systems affected

* AIBO ERS-110 Aperios OS
* AIBO ERS-111 Aperios OS

Overview

A vulnerability involving the Visual authentication algorithm has
recently been identified in the Sony, Inc. "AIBO" Entertainment Robot.
Owners of AIBO Robots are encouraged to upgrade their Aperios DogOS as
soon as possible.

The AttackBite() control has a serious vulnerability that allows remote
intruders within earshot of AIBO to execute arbitrary code. Scripts are
proliferating the Internet with new routines such as PeeOnRug(),
ShoeChew(), KillTheCat() and AttackOwnersGenitals(). The latter,
classified by CERT as a "Denial of Service" attack, is most vicious, and
for this reason CERT encourages immediate patch implementation. Some
common circumstances under which this vulnerability can be exploited are
addressed by the Sony patch; others are not.

I. Description

There are at least three distinct vulnerabilities in the ERS-110 and
ERS-111 implementation of the Aperios software. All of these
vulnerabilities may be exploited to effect Quicker-Picker-Upper and
Owner Discomfort attacks with varying degrees of severity. Owners are
advised, until patch completion, to guard themselves, and to have extra
paper towels on hand.

- The AIBO Sound Controller, when configured to play Britney Spears'
"Oops, I Did It Again," will cause AIBO to lift a hind leg and
spontaneously leak battery juice on the floor, simulating a urination
(female ERS-110 models "squat" during this exploit).

- The buffer used to hold the variable MyOwner in the function
process_face() can be overflowed, reverting AIBO into experimental
AiboPitBull code. When combined with the Sound Controller's Performance
Mode signal, unpatched AIBO units can receive arbitrary code, and multiple
reports of owner emasculation have been reported.

- (Unverified) Owners who accidentally have left their television on
late at night have reported incidents of AIBO attacking their small
children and pets within minutes of the airing of "Tom Vu's Real Estate
Seminar," The Story of A Vietnamese Immigrant's rags-to-riches
Infomercial.

- Two reports have been submitted where a race condition involving
Tom Vu's Real Estate Seminar and presence of Richard Simmons' "Farewell
to Fat" have caused AIBO units to "die". We are still investigating this.


II. Impact

Depending on the version of AIBO, the environment in which it is
running, and the particular vulnerability that is exploited, a remote
attacker can cause one or more of the following:

- The AIBO to attack its owner,
- The AIBO to wake, walk off its base station and attack children/pets,
- The AIBO to generate Cyber-Body-Fluid and/or Excretion, and/or
- The AIBO to die.


III. Solution

Upgrade your version of AIBO Aperios DogOS

If you are running vulnerable Aperios and cannot upgrade, you are
strongly advised to remove the battery from AIBO's behind and contact
Sony for more assistance.



Appendix A. Vendor Information

Sony, Inc.

Please see

http://www.world.sony.com/robot/aperios_vuln.htm
