maemo.org - Talk - View Single Post

tetris11_	2012-12-18 , 11:25
Posts: 309 \| Thanked: 519 times \| Joined on Oct 2010	#17

^ yep I got the shock of my life when my sister bluetooth'd into my phone and copied ALL MY FILES. It was a two way connection, but she had an older version of bluetooth (v1), so somehow she could access my files and I couldn't access hers. Creepy.

Also, explain the libpng thing. That just renders png images right? What's the security issue there?
Edit: Found it

Various versions of libpng through 1.5.11, 1.4.11, 1.2.49, and 1.0.59, respectively, set the top-level archive-extraction directory's permissions to be world-writable as part of the distcheck Makefile target's operations (configure-generated Makefile only). This could allow a local attacker on the build host to silently replace the extracted libpng library with a malicious version, conceivably poisoning an official binary distribution of libpng (though the likelihood of this seems remote), but more generally allowing the attacker to execute arbitrary commands with the permissions of the user running make

__________________
PhoneStreamer - VLC/Webcam/Audio streaming to your PC. Also it's a SPYCAM app

WatchDog - Motion Detector and Time Lapser. Securicam!

Last edited by tetris11_; 2012-12-18 at 11:37.

Quote & Reply |

The Following User Says Thank You to tetris11_ For This Useful Post:
Sourav.dubey