[conspire] USB security vulnerability.

Rick Moen rick at linuxmafia.com
Mon Jul 25 12:04:35 PDT 2005

Quoting Adrien Lamothe (a_lamothe at yahoo.com):

> Some researchers have discovered security
> vulnerabilities in USB. An article URL:
> http://www.eweek.com/article2/0,1895,1840141,00.asp?kc=ewnws072505dtx1k0000599

Well, actually in current MS-Windows USB device drivers.

Article points out that device drivers run in kernelspace, and therefore
any buffer overflows in badly written device drivers may be exploitable
with system privilege.  But we knew that.  That's why fixing significant
kernel bugs is important.

The piece appears to be a thinly disguised effort at business promotion
from SPI Dynamics, a "network security testing" consultancy.

More information about the conspire mailing list