Full Disclosure mailing list archives

Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control

From: hack ery <hackery.channel () gmail com>
Date: Thu, 29 Jan 2009 17:04:53 -0600

Security Risk:  High
Exploitable: Local
Vulnerability: Arbitrary Flow Control Control, Cat Spoofing
Discovered by: The Hackery Channel
Tested: No

The Flow Control project is an access control project for a cat.  It
consists of a cat door, an electromagnetic latch, a access control device,
and image recognition software that allows Flow to enter the house, and only
when she is not carrying prey.  When Flow is within proximity of the door,
she passes through a light that casts a shadow on an area monitored by a
camera.  If the silouhette, appears to be  Flow without prey, access is
granted.

Cat Spoofing:  An attacker could potentially gain access by posing as a
kitty by placing a cut out of the kitty next to the light.

Mitigation: None.
Work around: Guard dog
Vendor Notified: No
Vendor Site: http://www.quantumpicture.com/Flo_Control/flo_control.htm

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control hack ery (Jan 29)
- Message not available
  - Re: Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control Nancy Kramer (Jan 29)
    - Re: Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control Jeremy Brown (Jan 30)
- Re: Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control Charles Morris (Jan 30)
  - Re: Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control Jordan Bray (Jan 30)
    - Re: Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control Michael Holstein (Jan 30)
- Re: Hackery Channel 01-09-01-LOLZ: Cat Spoofing against Flow Control Valdis . Kletnieks (Jan 30)