Thin Client exploit vulnerabilities

Wyse Technologies, a manufacturer of thin and compact computer hardware, advertises its products as being as safe as (or even more so than) their PC counterparts because they contain no hard drives that are susceptible to mechanical failure or malware attacks.

Wyse even contends that putting in antivirus in their wares is an exercise in futility because its products are already safe from harm from the very start.

However, Kevin Finisterre, SNOSoft's founder and a security research expert in his own right, begged to differ.

According to him, the thin devices are still vulnerable to online hacker attacks regardless of their manufacturer's claims to the contrary because they are shipped with susceptible software full of security holes.

Once infected, these machines will become botnets that a hacker can control from afar.

Their configurations can be changed at will and they can be manipulated by cyber terrorists as freely as PC users who are physically in front of the appliance could.

Moreover, Finisterre drove the point of his allegations home by writing a proof-of-concept exploit code that showed just how defenseless Wyse hardware really are.

For instance, they could be exploited as soon as they're connected to the Internet, which allows hackers instantaneous access to the devices without the need to interact with their physical, tangible components at all.

Wyse thin devices vulnerable to attack

The only thing that an attacker needs in order to take over a Wyse thin device is to know its IP address.

Once the exploit code that's made in similar fashion to Finisterre's proof-of-concept executes and spreads, it gives the hacker total control over the command shell of the machine, with complete administrative privileges to boot.

At any rate, Wyse executives have gotten a hold of Finisterre's code and have thus far been unsuccessful in making it remotely run system-crippling code in their research laboratories.

However they concede that the code is potent enough to cause their Wyse-software-enabled hardware to crash and critically self-destruct, so they pledged to patch the vulnerabilities as soon as possible.

Further details on the code reveal that the script aimed at WDM bugs only work when the application is executing on Windows 2000 machines.

With some extra effort, Finisterre believes that exploits based on Windows Vista or many other popular operating systems can be developed via the use of heap spraying or other comparable methods.