Bugtraq mailing list archives

Sega Dreamcast Web Browser Email Security Issue


From: hight1mez () HOTMAIL COM (HIGH TIMES)
Date: Tue, 14 Sep 1999 07:47:28 PDT


Sega Dreamcast Web Browser Advisory

Author: John Bissell a.k.a. hight1mes
Vulnerable: Sega Dreamcast
Impact: Unable to check and manage email through SDWB
Release Date: September 13, 1999
Status: Sega has been contacted
Contact: royalblu () silcom com
Homepage: http://www.silcom.com/~royalblu/

Background:
===========

        The Sega Dreamcast Web Browser software that comes packaged with every
Dreamcast now allows the gamer for the first time ever to connect to the
Internet via a console system. Unfortunately Sega has delivered to the general
public a very insecure web browser for browsing the web.

        SDWB (Sega Dreamcast Web Browser) can not only browse the web but can also send
and receive email by clicking on the Mail icon from the command cluster.
This is where we find the security problem in the SDWB mailbox.

Problem Description:
====================

        I thought to myself, hmm, now that console systems can connect to the
Internet there must be potential for insecurity. Sure enough, early
into my investigation of the SDWB I found you can lock out an email account.

        The problem can be exploited in the SDWB itself or any other email client
that supports a huge subject when composing a message. I will now break
down the exploit into a list of easy steps using the SDWB.

1.) Start up the Sega Dreamcast Web Browser and connect to the Internet.
2.) Send a message with a huge, and I mean huge, subject line.

        That's it! Now wherever that message was sent to, no email can be viewed or
managed through the SDWB. When the victim SDWB user tries to read his email
account he will get an error message reporting, quote, "An internal error has
occurred. Please contact Sega."

        This sort of problem exists in a lot of software across the globe due to
insufficient bounds checking... Sigh, when will we learn to code securely!

Solution:
=========

        To fix this internal error when SDWB tries to access your email account you
must use email software like Outlook Express, Eudora, etc. on a computer to
delete the evil message(s) with huge subjects.
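The advisory attributes the lockout to insufficient bounds checking on the subject line, and the only remedy offered is to delete the offending messages from another client. The following C example, added here and not part of the original post or of any Sega code, shows the defensive side of both points: how a mail client can extract a Subject header (including folded continuation lines) into a fixed-size buffer without ever overrunning it, and how a mailbox tool could use the reported full length to flag oversized messages for deletion rather than failing with an internal error. The SUBJECT_MAX limit, the quarantine policy and the sample messages are all constructed for illustration; the advisory does not state the real SDWB limit.

```c
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>

/* Hypothetical buffer size chosen for this example; the real SDWB limit is unknown. */
#define SUBJECT_MAX 256

typedef enum {
    SUBJECT_OK = 0,        /* subject fitted in the buffer */
    SUBJECT_TRUNCATED = 1, /* subject exceeded SUBJECT_MAX-1 bytes and was cut */
    SUBJECT_MISSING = 2    /* no Subject: header in the message */
} subject_status;

/* Case-insensitive check that a header line starts with the given name. */
static bool header_is(const char *line, size_t len, const char *name)
{
    size_t n = strlen(name);
    if (len < n) return false;
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)line[i]) != tolower((unsigned char)name[i]))
            return false;
    return true;
}

/* Append n bytes to out, never exceeding the buffer; count the full length anyway. */
static void append_bounded(char *out, size_t *used, size_t *total, bool *truncated,
                           const char *src, size_t n)
{
    *total += n;
    size_t room = SUBJECT_MAX - 1 - *used;   /* keep one byte for the NUL */
    if (n > room) { n = room; *truncated = true; }
    memcpy(out + *used, src, n);
    *used += n;
    out[*used] = '\0';
}

/*
 * Extract the Subject header of a raw RFC 822 message into out[SUBJECT_MAX].
 * Folded continuation lines (starting with space or tab) are unfolded with a
 * single space. The full, untruncated length is returned via *full_len so the
 * caller can decide what to do with oversized messages instead of crashing.
 */
subject_status extract_subject(const char *msg, char out[SUBJECT_MAX], size_t *full_len)
{
    const char *line = msg;
    size_t used = 0, total = 0;
    bool found = false, truncated = false;
    out[0] = '\0';

    while (*line) {
        const char *nl = strchr(line, '\n');
        size_t len = nl ? (size_t)(nl - line) : strlen(line);
        if (len && line[len - 1] == '\r') len--;   /* tolerate CRLF line endings */
        if (len == 0) break;                        /* blank line ends the headers */

        if (found && (line[0] == ' ' || line[0] == '\t')) {
            size_t skip = 0;
            while (skip < len && (line[skip] == ' ' || line[skip] == '\t')) skip++;
            append_bounded(out, &used, &total, &truncated, " ", 1);
            append_bounded(out, &used, &total, &truncated, line + skip, len - skip);
        } else if (!found && header_is(line, len, "Subject:")) {
            found = true;
            size_t skip = 8;
            while (skip < len && line[skip] == ' ') skip++;
            append_bounded(out, &used, &total, &truncated, line + skip, len - skip);
        } else if (found) {
            break;                                  /* next header: subject is complete */
        }
        if (!nl) break;
        line = nl + 1;
    }
    if (full_len) *full_len = total;
    if (!found) return SUBJECT_MISSING;
    return truncated ? SUBJECT_TRUNCATED : SUBJECT_OK;
}

/* Hypothetical mailbox-cleanup policy: anything that did not fit is flagged for removal. */
bool should_quarantine(subject_status st)
{
    return st == SUBJECT_TRUNCATED;
}

int main(void)
{
    char out[SUBJECT_MAX];
    size_t full_len;

    /* Constructed sample: a normal message with a folded subject line. */
    const char *normal = "From: a@example.test\r\nSubject: Hello\r\n  world\r\nTo: b@example.test\r\n\r\nbody\r\n";
    subject_status st = extract_subject(normal, out, &full_len);
    printf("normal: status=%d len=%zu subject=\"%s\" quarantine=%d\n",
           st, full_len, out, should_quarantine(st));

    /* Constructed sample: a 1000-byte subject, far beyond the buffer. */
    char big[1100];
    memcpy(big, "Subject: ", 9);
    memset(big + 9, 'A', 1000);
    memcpy(big + 1009, "\r\n\r\nbody", 9);          /* copies the terminating NUL too */
    st = extract_subject(big, out, &full_len);
    printf("oversized: status=%d len=%zu stored=%zu quarantine=%d\n",
           st, full_len, strlen(out), should_quarantine(st));
    return 0;
}
```

The key design choice is that the parser reports the true length and a truncation status instead of either trusting the input or aborting; a client built this way can still open the mailbox, and a cleanup tool can remove the flagged messages without needing a second computer.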
