Poland Spring Overflow Vulnerability

created by donfreenut
(idea) by donfreenut (1.2 d) (print)   (I like it!) 2 C!s Wed Nov 22 2000 at 14:02:05

From: "Poland Spring Product Security Team" <x-force-security@polandspring.com>
To: "SWBUGTRAQ" <swbugtraq-list@listserv.swbugtraq.org>
Subject: 24oz. SportPak Enterprise Container Overflow Vulnerability
Date: 22 Nov 00 08:46:01AM

Poland Spring Product Security Team has identified a serious vulnerability in the Enterprise version of its 24oz. SportPak Mobile Containment Unit product. No patch is available.

The SportPak Container, in this case the 710 mL product, is designed to be a secure mobile containment system. Its elegant interface allows real-time two-state policy changes through an adjustable binary "SportValv." For additional security, the SportValv is protected by a transparent dome, which shields its "cloud-facing" side. The Enterprise version employs low-density, zero-flash polymers in containment, which reduces its net mass, unfilled, by 9 mg.

The expensive plastics used in the Enterprise version also afford it flexibility, and thus a high rate of delivery (ROD). Due to implementation errors in the bottleneck subsystem, a malicious attacker could send a malformed SportValv removal request, separating the SportValv assembly from its guide ring and, in essence, disabling and removing the entire SportValv itself.

In this event, the SportPak Mobile Containment Unit would become depressurized (Spontaneous Containment Unit Depressurization, or SCUD). Due to the high flexibility of the SportPak Enterprise's containment system, the walls could then severely compress, causing a serious overflow condition.

No current patch is available, and no change in the implementation of the SportValv is in development. Three workarounds are suggested:


Workaround 1:

Mount the 24oz. SportPak Mobile Containment Unit on a Poland Spring-compliant Containment Cranial Mount. Load the Unit with the SportValv pointed down (the Unit's base will then face the cloud).


Workaround 2:

At a Poland Spring-approved Containment Workstation, manually fuse the SportValv to the Unit's main conduit, using an acetylene torch.


Workaround 3:

Flush the contents of the Mobile Containment Unit into a ceramic, glass, or metal Home Containment Unit. At a Poland Spring-approved Containment Workstation, make a bong out of the Mobile Containment Unit. Spend the afternoon smoking chiba and watching "Iron Chef."



Poland Spring Product Security Team
x-force-security@polandspring.com




I am a bitter young man with wet pants.
Y'know, if you log in, you can write something here, or contact authors directly on the site. Create a New User if you don't already have an account.