
| Subject: | Re: Did a 16-bit counter overflow shut down Comair? |
|---|---|
| Date: | Wed, 29 Dec 2004 00:41:12 -0800 |
This isn't at all surprising.
There are numerous industries which run "old" software like this. There
are several reasons not to upgrade:
1) The software is currently "good enough"
2) It would cost too much to upgrade
3) The original designers are long long gone and no-one knows
everything about the application any more (although this is also a
reason TO upgrade).
There are several money-lending organizations which run "old" software
like this too quite happily.
On Tue, Dec 28, 2004 at 12:44:20PM -0500, Richard M. Smith wrote:
> Hi,
>
> On Christmas Day last Saturday, Comair Airlines had to completely stop
> flying all of its planes due to computer problems. Comair blamed the
> computer problems on their pilot scheduling software being overloaded
> after bad weather earlier in the week forced many flights to be
> rescheduled. Comair now hopes to have all of its 1,100 daily flights
> restored by tomorrow.
>
> An article which was published today at the Cincinnati Post Web site
> provides some interesting details of a software failure in Comair's
> pilot scheduling software:
>
> How it happened
> http://www.cincypost.com/2004/12/28/comp12-28-2004.html
>
> According to the article, Comair is running a 15-year old scheduling
> software package from SBS International (www.sbsint.com). The software
> has a hard limit of 32,000 schedule changes per month. With all of the
> bad weather last week, Comair apparently hit this limit and then was
> unable to assign pilots to planes.
>
> It sounds like 16-bit integers are being used in the SBS International
> scheduling software to identify transactions. Given that the software
> is 15 years old, this design decision perhaps was made to save on
> memory usage. In retrospect, 16-bit integers were probably not a good
> choice.
>
> An anonymous message posted to Slashdot the day after Christmas first
> described the software failure at Comair:
>
> http://slashdot.org/comments.pl?sid=134005&cid=11185556
>
> Earlier this year, an overflow of a 32-bit counter in Windows shut down
> air traffic control over southern California for 3 hours:
>
> Microsoft server crash nearly causes 800-plane pile-up
> http://www.techworld.com/opsys/news/index.cfm?NewsID=2275
>
> This problem occurred because of a known design flaw in older versions
> of Windows:
>
> http://tinyurl.com/5n9gc
>
> Richard M. Smith
> http://www.ComputerBytesMan.com
--
Avleen Vig
Systems Administrator
Personal: www.silverwraith.com
EFnet: irc.mindspring.com (Earthlink user access only)
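
The failure mode discussed in this thread, as an added example that is not part of either message and is not SBS International's code: a monthly change log keyed by a signed 16-bit id, first with an unchecked increment that wraps, then with an allocator that raises a capacity warning and refuses to wrap. The signed 16-bit id follows the guess in the quoted message; all names and the 80% warning threshold are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

#define TXN_ID_MAX   INT16_MAX   /* 32767: also used as the "exhausted" sentinel */
#define TXN_WARN_PCT 80          /* constructed alert threshold (assumption) */

typedef enum { TXN_OK, TXN_WARN, TXN_EXHAUSTED } txn_status;
typedef struct { int16_t next_id; } txn_log;   /* hypothetical per-month log */

/* Unchecked allocator: after id 32767 the counter wraps. The narrowing
 * conversion is implementation-defined before C23; on two's-complement
 * compilers such as gcc and clang the next id handed out is -32768. */
int16_t txn_alloc_unchecked(txn_log *log) {
    int16_t id = log->next_id;
    log->next_id = (int16_t)(uint16_t)((uint16_t)log->next_id + 1u);
    return id;
}

/* Checked allocator: ids 0..32766 are valid. It never wraps, reports
 * exhaustion explicitly, and warns once usage crosses TXN_WARN_PCT so
 * operators hear about the limit before the system stops accepting work. */
txn_status txn_alloc_checked(txn_log *log, int16_t *id_out) {
    if (log->next_id >= TXN_ID_MAX)
        return TXN_EXHAUSTED;                  /* fail closed, state unchanged */
    *id_out = log->next_id++;
    if ((long)log->next_id * 100L >= (long)TXN_ID_MAX * TXN_WARN_PCT)
        return TXN_WARN;
    return TXN_OK;
}

int main(void) {
    /* Constructed workload: 40,000 schedule changes in one month. */
    txn_log log = { 0 };
    int16_t id = 0;
    int warned = 0;
    for (long n = 1; n <= 40000; n++) {
        txn_status s = txn_alloc_checked(&log, &id);
        if (s == TXN_WARN && !warned) {
            printf("change %ld: id space %d%% used, raise an alert\n", n, TXN_WARN_PCT);
            warned = 1;
        } else if (s == TXN_EXHAUSTED) {
            printf("change %ld: rejected, id space exhausted\n", n);
            break;
        }
    }
    txn_log bad = { TXN_ID_MAX };
    txn_alloc_unchecked(&bad);
    printf("unchecked id after 32767: %d\n", txn_alloc_unchecked(&bad));
    return 0;
}
```
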