int13h-SA-003

int13h-SA-003-Shoes

Topic: Multiple vulnerabilities in Shoes
Category: Extn
Module: Buffer
Announced: 05-05-27
Credits: Nightmare
Affects: Sock buffer-overflow
Corrected: tbc.
int13h only: NO

For general information regarding int13h Security Advisories, please visit www.int13h.com.

0. Revision History

v1.0 2005-05-27 Initial release.

I. Background

Originally created as a extra protection device for the socks layer. The original Shoes release was simple but effective offering rudimentary protection from rocks/gravel while allowing the underlying socks layer room to move and expand freely. Newer revisions have increased density, throughput and ease of use, some revisions are highly customisable.

II. Problem Description

Degredation of the device can lead to holes and unwanted input. Some of these holes can lead to a complete failure to protect the socks layer if an input source like water was used to inflict a buffer overflow.

III. Impact

1) A buffer overflow of the device can quickly corrupt the socks layer forcing unwanted input.

2) Failure to patch the hole(s) in the device can and will lead to possible holes in the socks layer. Penitration of the socks layer can be fatal to the underlying F.E.E.T system and could cause unwanted results.

IV. Workaround

Possible workarounds include the use of standard issue ductape to temporally patch the unwanted hole, though this itself is prone to degredation over a short period of time.

V. Solution
Seek a replacement device promptly and ensure they are to the same spec as before.

www.int13h.com - Security Advisory
Be Prepared!

0 Comments



Heavy Engine Console
--------------------------------------------------------------------------------
Loading Page... /960-int13h-SA-003
Console: