Story automatically generated by StoryBot Version 0.0.1g (Development).
Note: This is the complete story and will need further editing. It may also be covered by Copyright and thus should be acknowledged and quoted rather than printed in its entirety.
FeedSource: [TheRegister] collected from rss-bot logs
Time: 2015-09-14 08:01:28 UTC
Original URL: http://www.theregister.co.uk/2015/09/14/curiosity_rovers_os_has_back_door_bug/ [theregister.co.uk]
Title: Curiosity Rover's OS has Backdoor Bug
--- --- --- --- --- --- --- Entire Story Below --- --- --- --- --- --- ---
Curiosity Rover's OS has backdoor bug
Canadian security researcher Yannick Formaggio has detailed a significant flaw in VxWorks, the real-time operating system (RTOS) made by Intel subsidiary Wind River.
Speaking at the 44CON event made famous last week, Formaggio detailed [slideshare.net] how an integer overflow mess allows remote code execution in the operating system. Formaggio discovered the flaw after fuzzing the OS at the request of a client keen to understand its workings better. That effort led the researcher to declare that Wind River generally does a fine job of security and takes it seriously, but hadn't considered what might happen when a credential was set to a negative value.
Once Formaggio tried that trick, he found he could defeat or bypass all memory protections and set up a backdoor account. Which of course is just what you don't want to be possible in the kind of devices that require an RTOS, as most are expected to be extraordinarily reliable and secure so they can get on with jobs like running industrial equipment, planes and the Curiosity Rover that Wind River proudly claims as a customer [windriver.com].
Formaggio also found that the operating system's “FTP server is susceptible to ring buffer overflow when accessed at a high speed” and crashes when sent a “specially crafted username and password”.
Versions 5.5 through 6.9.4.1 have the problem, which means many millions of devices need patching. Wind River has acknowledged the flaw and is in the process of providing patches. Formaggio urges users of the operating system to check the Wind River knowledge library to get their fresh code fix.
The researcher also said he'll detail his fuzzing apparatus here [bitbucket.org] in coming weeks, but won't reveal exploit code “unless explicit authorisation given”.