Security Basics mailing list archives
Re: Detecting vulnerabilities to write exploits
From: ahmad mubarak <gosi.infosec () gmail com>
Date: Wed, 4 Jan 2006 14:13:15 +0300
there are diifferent ways: 1 - vendors always announcing about the vulnerabilities before releasing the patches such as the Oxy-morons (Microsoft) 2 - bad behaviour of Security Response Teams by Making such tools publicly available when there's no vendor patch available is irresponsible. Plain and simply irresponsible. Everybody associated in making and publishing the exploit knows this. And they should know better. Moore, A.S, San and FrSIRT: you should know better. http://www.f-secure.com/weblog/archives/archive-012006.html#00000758 On 30 Dec 2005 09:47:17 -0000, neelima_2sha () yahoo com <neelima_2sha () yahoo com> wrote:
Hi All, This is something very basic to start with the exploit writing. Can anyone let me know these queries: How do you detect the vulnerability to write a exploit for this? Basically i want to know that how do u find in any code of program that there is buffer overflow or any other kind of vulnerability existing? How will analyse this to start writing the exploit with respect to this vulnerability? I hope the query is clear. Regards, Neelima Sharma --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ----------------------------------------------------------------------------
--------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ----------------------------------------------------------------------------
Current thread:
- Detecting vulnerabilities to write exploits neelima_2sha (Jan 03)
- Re: Detecting vulnerabilities to write exploits ahmad mubarak (Jan 04)
- Re: Detecting vulnerabilities to write exploits Joshua (Jan 04)
- Re: Detecting vulnerabilities to write exploits vinny (Jan 05)
- Re: Detecting vulnerabilities to write exploits Joshua (Jan 04)
- Re: Detecting vulnerabilities to write exploits Gunnar Wolf (Jan 05)
- <Possible follow-ups>
- Re: Detecting vulnerabilities to write exploits kmuskrat (Jan 06)
- Re: Detecting vulnerabilities to write exploits ahmad mubarak (Jan 04)