Well, it looks like the latest Powerpoint exploit gets added to my list of "undercover vulnerabilities." That leaves me with the following:
New Addition (11 total since 1988):
- 7/11/06 - Powerpoint "0day" (public information)
- 12/29/05 - WMF. (public information)
- 2/7/05 - Mailman directory traversal. (credit: ilja van Sprundel)
- 11/16/04 - Twikis search.pm. (credit: ilja van Sprundel)
- 12/04/03 - Rsync. (credit: David Goldsmith, Matasano)
- 11/20/03 - do_brk() overflow. (credit: David Goldsmith, Matasano)
- 3/18/03 - WebDAV. (publicly available information)
- 9/3/98 - SunOS ToolTalk. (credit: TQBF, who never got the beer...)
- 4/24/96 - rpc.statd. (double credit: TQBF - thanks again.)
- 11/2/88 - Sendmail (credit: David Goldsmith, Matasano)
- 11/2/88 - Fingerd (credit: David Goldsmith, Matasano)
Honorable Mention (which don't quite make the list because the vulnerability information was not discovered due to an active exploit):
- RealServer ../../../ overflow
- Any of the Immunity VSC releases (Mac OS X Kernel Local, anyone?)
- Samba bug that HDM got hacked with... [this may get elevated, I am not sure]
- [Credits: Dave Aitel and Anton Chuvakin for the information]
I can't believe how much of this I just wasn't aware of. Thank you for bringing more information to this topic for me. I'm truly grateful and really impressed.
Posted by: Health News | March 16, 2011 at 06:25 AM