Re: [Full-Disclosure] Owned by an iPod

From: Dragos Ruiu (
Date: 10/22/04

  • Next message: "[Full-Disclosure] Windows 2000 Remote Buffer Overflow by class101"
    To: "Rosalina Hamar" <>,
    Date: Fri, 22 Oct 2004 10:53:55 -0700

    On October 21, 2004 10:22 pm, Rosalina Hamar wrote:
    > i heart about that demonstration a couple of weeks ago. now
    > it's an official announcement at [0]. since there is not
    > much technical info on that issue in the announcement, i googled
    > around and found a link to an interesting post about the IEEE1394
    > OHCI interface on kerneltrap [1] back in 2002.
    > shish ...
    > rosa
    > [0]
    > [1]

    More technical information on this vulnerability,
    and some of the other vulnerabilities, fixes and
    techniques from the conference will be published
    after the conference.

    Though, frankly I'm surprised that the information
    in the advisory isn't a big enough pointer on how
    to do it.

    We are also currently looking at some of the wireless
    stuff too, from amongst the set of presentations which
    deal with threats, to see if it warrants an advisory, as
    there are a few significant new things there as well...


    World Security Pros. Cutting Edge Training, Tools, and Techniques
    Tokyo, Japan	Nov 11-12 2004
    pgpkey kyxpgp
    Full-Disclosure - We believe in it.

  • Next message: "[Full-Disclosure] Windows 2000 Remote Buffer Overflow by class101"