
Security Researchers find SQL injection in Cockpit Access Security System

Submitted
Ian Carroll and Sam Curry discovered that anyone with basic knowledge of SQL injection could add anyone they wanted to Known Crewmember (KCM) and the Cockpit Access Security System (CASS) via FlyCASS.com, allowing themselves to both skip security screening and then access the cockpits of commercial airliners. FlyCASS has fixed the flaw in the application. (ian.sh)



Bobh528FA
Bob Hallissy 6
TSA or ARINC should *hire* Ian or Sam, not stop communicating with them.


locomoco
M.F. LaBoo 4
Given all the probing that goes on, it's surprising that neither TSA nor DHS appears to have tested this system for vulnerabilities such as this rather elementary one, and taken preemptive action. Looks like they need a few gray hats on board.

Bandrunner
Bandrunner 5
Kudos to the authors for contacting the relevant authorities, rather than going public with it straight away.
Not impressed with the behaviour of said authorities later, denying everything and saying it's all right now.
Also not impressed with the authors' subsequent behaviour, going public with it when apparently there is still a vulnerability.
Bobh528FA
Bob Hallissy 5
> Also not impressed with the authors' subsequent behaviour, going public with it when apparently there is still a vulnerability.

Eh? The article indicates:

> After the issue was fixed, we attempted to coordinate the safe disclosure of this issue.

Sounds like they didn't publicly disclose the vulnerability until it was fixed -- so what is wrong with that?
srobak
srobak 1
Do you think it has actually been implemented on every aircraft?
mendieta
Pablo Rogina 3
>> Also not impressed with the authors' subsequent behaviour, going public with it when apparently there is still a vulnerability.

Well, that's a common practice within the information security field when a fix is not provided before a deadline set when the researchers initially privately disclosed the flaw.
See "responsible disclosure" -> https://cheatsheetseries.owasp.org/cheatsheets/Vulnerability_Disclosure_Cheat_Sheet.html
