Full Disclosure mailing list archives
Re: Hack into a Windows PC - no password needed
From: "Larry Seltzer" <Larry () larryseltzer com>
Date: Tue, 4 Mar 2008 19:00:33 -0500
The key to the vulnerability: "To use the tool, hackers must connect a Linux-based computer to a Firewire port on the target machine. The machine is then tricked into allowing the attacking computer to have read and write access to its memory. " I assume this makes it a local login, not a domain login. "Paul Ducklin, head of technology for security firm Sophos, said the security hole found by Boileau was not a vulnerability or bug in the traditional sense, because the ability to use the Firewire port to access a computer's memory was actually a feature of Firewire." So does the same capability exist on Macs? Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.pcmag.com/securitywatch/ Contributing Editor, PC Magazine larry.seltzer () ziffdavisenterprise com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Hack into a Windows PC - no password needed Ivan . (Mar 04)
- Re: Hack into a Windows PC - no password needed jipe foo (Mar 04)
- Re: Hack into a Windows PC - no password needed Larry Seltzer (Mar 04)
- Re: Hack into a Windows PC - no password needed Eric Rachner (Mar 04)
- Re: Hack into a Windows PC - no password needed Eric Rachner (Mar 04)
- Re: Hack into a Windows PC - no password needed Valdis . Kletnieks (Mar 04)
- Re: Hack into a Windows PC - no password needed Larry Seltzer (Mar 04)
- Re: Hack into a Windows PC - no password needed Steven Adair (Mar 04)
- Re: Hack into a Windows PC - no password needed jipe foo (Mar 04)