New attack puts routers, cell phones at risk

A security researcher at Juniper Networks has developed a new form of attack that can be used to run unauthorized software on a wide range of computing devices, including routers and mobile phones.

In a demonstration set to take place at the CanSecWest security conference in Vancouver Thursday, Juniper's Barnaby Jack says he will show how this technique could be used to take control of a router and then inject malicious software on virtually every machine on the network.

Jack says he has discovered a way to turn a common type of computing error -- called a null pointer dereferencing error -- into something far more dangerous than previously thought. Researchers have known for years how to create these flaws, which occur when the computer tells a program that the part of memory that it's looking for is invalid, or "null." New attack puts routers, cell phones at risk | InfoWorld | News | 2007-04-19 | By Robert McMillan, IDG News Service

Linked by shanmuga Thursday, 26th April 2007 2:34AM