Spire Security Viewpoint: Updated Undercover Exploit List

Well, it looks like the latest Powerpoint exploit gets added to my list of "undercover vulnerabilities." That leaves me with the following:

New Addition (11 total since 1988):

7/11/06 - Powerpoint "0day" (public information)

Old List:

12/29/05 - WMF. (public information)
2/7/05 - Mailman directory traversal. (credit: ilja van Sprundel)
11/16/04 - Twikis search.pm. (credit: ilja van Sprundel)
12/04/03 - Rsync. (credit: David Goldsmith, Matasano)
11/20/03 - do_brk() overflow. (credit: David Goldsmith, Matasano)
3/18/03 - WebDAV. (publicly available information)
9/3/98 - SunOS ToolTalk. (credit: TQBF, who never got the beer...)
4/24/96 - rpc.statd. (double credit: TQBF - thanks again.)
11/2/88 - Sendmail (credit: David Goldsmith, Matasano)
11/2/88 - Fingerd (credit: David Goldsmith, Matasano)

Honorable Mention (which don't quite make the list because the vulnerability information was not discovered due to an active exploit):

RealServer ../../../ overflow
Any of the Immunity VSC releases (Mac OS X Kernel Local, anyone?)
Samba bug that HDM got hacked with... [this may get elevated, I am not sure]
[Credits: Dave Aitel and Anton Chuvakin for the information]

Verify your Comment

Previewing your Comment

Posted by: |

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:

Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Spire Security Viewpoint

Updated Undercover Exploit List

TrackBack

Comments

Verify your Comment

Previewing your Comment

Post a comment

About

Categories

Recent Posts

Archives