Undercover Exploit List

17 total since 1988.

Latest Additions:

  • 9/23/06 - cPanel (credit: Dave via Adam, Ilja)

Old List:

Honorable Mentions (these don't quite make the list because the vulnerability information was not discovered as a result of an active exploit):

  • RealServer ../../../ overflow
  • Any of the Immunity VSC releases (Mac OS X Kernel Local, anyone?)
  • Samba bug that HDM got hacked with... [this may get elevated, I am not sure]
  • [Credits: Dave Aitel and Anton Chuvakin for the information]

Definitions:

Undercover Vulnerability: A vulnerability that was generally unknown (e.g. not published on any lists, not discussed by "above ground" security folks) until it was actively exploited in the wild. The vulnerability was discovered through evidence of tampering or other means, not through the usual bugfinding ritual.

Undercover Exploit: The event and/or code used to compromise a resource running the vulnerable software in the wild.

*Note: the "credit" given is not to the person who discovered the exploit/vuln, but to the person who pointed me in the right direction. Thanks, all.

Comments

It would be great if you maintained this as a separate page and kept it updated!
