Ergebnis 1 bis 3 von 3

Thema: Sicherheitslücke in Pepsiflaschen!

  1. #1
    Wühlmaus Avatar von Nager
    Dabei seit
    Down Under


    Die Sicherheitsmailingliste Full Disclosure beschreibt das Problem. Erste proof-of-concept exploits wurden auch schon gesichtet.

    Pepsi Bottlecap Liner Labeling Information Leak Vulnerability

    Advisory Location:

    Release date:
    February 18, 2004

    Pink (Free Music Downloads)

    Systems Affected:
    Diet Pepsi - 20 FL OZ Bottle (with "1 in 3 Wins a FREE Song" label)
    Pepsi - 20 FL OZ Bottle (with "1 in 3 Wins a FREE Song" label)
    Sierra Mist - 20 FL OZ Bottle (with "1 in 3 Wins a FREE Song" label)

    During the Super Bowl, Apple and Pepsi co-launched an Ad campain giving away 100 Million songs via Apple's iTunes Music Store. Because of a vulnerability in the notification of the give-away, attackers can guarentee a free song in any Pepsi purchase. Pepsi uses an industry standard known as "bottlecap liner labeling", where the vendor includes notification of fun and prizes. This method of notification is vulnerable to a pre-purchase notification weakness, allowing attackers to limit their purchase to products that are known to be "winners" in the give-away.

    Technical Description:
    An attacker capable of obtaining physical access to a bottle prior to purchase may create a non-uniform probability distribution leading to predictable outcome. By causing the bottle to be inclined at a specific declination, the attacker may gain partial visibility into result variable thereby bypassing the natural selection process.

    This attack is not new. Prior soft drink distribution versions have been
    vulnerable to this attack in the past. Known vulnerable versions have included the Mountain Dew "Free Soda" give-aways.

    Vendors should put all Pepsi 20 OZ bottles in a vending machine, which should mitigate this attack by not allowing physical access before the attacker purchases the product.

    ISS users can add the following TRONS rule to detect this attack:

    alert bottle any any -> any any (msg:"pepsi attack"; tilt:>15;
    classtype:information-leak; priorityink

    This rule may be used to identify downloads of known exploits:

    alert tcp any 80 -> any any (msg:"Pepsi exploit download";
    content:"pepsi"; nocase; content:"tilt"; nocase;

    Vendor Status:
    The vendor has not been notified.

    Exploits have been observed in the wild and are presumed to be in common use.
    A proof-of-concept exploit is available at:

    Ereet Hagiwara
    Brian Caswell
    Dragos Ruiu

  2. #2
    Dabei seit


    Diät Koks regelt eben doch.

  3. #3
    Foren-Halbgott Avatar von Dune
    Dabei seit
    Uncharted territories


    Also auf gut Deutsch heisst das wenn ich die Flasche in nem bestimmtem Winkel drehe kann ich sehen ob die Flasche nen Gewinn ist, oder was? Oh man.... *G*
    I can feel it. The turn of the Earth. The ground beneath our feet is spinning at a thousand miles an hour, the entire planet is hurtling around the sun at sixty-seven thousand miles an hour, and I can feel it. We're falling through space, you and me, clinging to the skin of this tiny little world, and if if we let go... that's who I am.

Aktive Benutzer

Aktive Benutzer

Aktive Benutzer in diesem Thema: 1 (Registrierte Benutzer: 0, Gäste: 1)

Ähnliche Themen

  1. RPC-Sicherheitslücke noch nicht gestopft
    Von Nager im Forum Games, Software & Technik
    Antworten: 5
    Letzter Beitrag: 07.11.2003, 20:47
  2. Kritische Sicherheitslücke im IE
    Von Nager im Forum Games, Software & Technik
    Antworten: 13
    Letzter Beitrag: 27.10.2003, 13:00

Als Lesezeichen weiterleiten

Als Lesezeichen weiterleiten


  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein