Full Disclosure mailing list archives

Re: Automated Vulnerability Scanners

From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Fri, 24 Feb 2006 14:36:56 -0500

On 2/24/06, Q Beukes <full-disclosure () list za net> wrote:

no, what I was talking about was programs/algorithms that actually
scan software to find new unknown problems.

i have never heard of anything like this myself nor can't think of an
efficient way
of implementing it, yet someone claimed they exist.

I can't find any on google either?


Are you talking about something that looks through the source code for
a bad malloc implementation, or something that will try to go through
the assembly for an off-by-one error?

-JP
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Automated Vulnerability Scanners Q Beukes (Feb 22)
- Message not available
  - Re: Automated Vulnerability Scanners Q Beukes (Feb 24)
    - Re: Automated Vulnerability Scanners Gadi Evron (Feb 24)
    - Re: Automated Vulnerability Scanners Simon Smith (Feb 24)
    - Re: Automated Vulnerability Scanners Michael Holstein (Feb 24)
    - Re: Automated Vulnerability Scanners Michael Holstein (Feb 24)
    - Re: Automated Vulnerability Scanners Dude VanWinkle (Feb 24)
- <Possible follow-ups>
- RE: Automated Vulnerability Scanners Krpata, Tyler (Feb 24)