oss-sec mailing list archives

Re: RE: [security-vendor] Re: [oss-security] Fuzzing findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP, gdk-pixbuf, file, ndisasm, less

From: Sven Kieske <s.kieske () mittwald de>
Date: Thu, 20 Nov 2014 09:53:30 +0100



On 19/11/14 08:19, Gynvael Coldwind wrote:

To be honest I would love to see all AV security tested, not just the open
source one. If they claim they make people more secure, it would be great
to know that that is backed by e.g. fuzzing and bug bounty programs.


Well in case you missed it: breaking antivirus software
from the syscan360 conference:
http://www.syscan360.org/slides/2014_EN_BreakingAVSoftware_JoxeanKoret.pdf

He searched in 17 AV programs and found
critical exploits in 14.

very interesting read.

-- 
Mit freundlichen Grüßen / Regards

Sven Kieske

Systemadministrator
Mittwald CM Service GmbH & Co. KG
Königsberger Straße 6
32339 Espelkamp
T: +49-5772-293-100
F: +49-5772-293-333
https://www.mittwald.de
Geschäftsführer: Robert Meyer
St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen
Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen

Current thread:

Re: Fuzzing findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP, gdk-pixbuf, file, ndisasm, less, (continued)
- - - Re: Fuzzing findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP, gdk-pixbuf, file, ndisasm, less Źmicier Januszkiewicz (Nov 18)
    - RE: [security-vendor] Re: [oss-security] Fuzzing findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP, gdk-pixbuf, file, ndisasm, less Radzykewycz, T (Radzy) (Nov 18)
    - Re: RE: [security-vendor] Re: [oss-security] Fuzzing findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP, gdk-pixbuf, file, ndisasm, less Seth Arnold (Nov 18)
    - Re: RE: [security-vendor] Re: [oss-security] Fuzzing findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP, gdk-pixbuf, file, ndisasm, less Hanno Böck (Nov 18)
    - Re: RE: [security-vendor] Re: [oss-security] Fuzzing findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP, gdk-pixbuf, file, ndisasm, less Seth Arnold (Nov 18)
    - Re: RE: [security-vendor] Re: [oss-security] Fuzzing findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP, gdk-pixbuf, file, ndisasm, less Alexander Cherepanov (Nov 18)
    - Re: RE: [security-vendor] Re: [oss-security] Fuzzing findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP, gdk-pixbuf, file, ndisasm, less Kurt Seifried (Nov 18)
    - Re: RE: [security-vendor] Re: [oss-security] Fuzzing findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP, gdk-pixbuf, file, ndisasm, less Michal Zalewski (Nov 18)
    - Re: RE: [security-vendor] Re: [oss-security] Fuzzing findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP, gdk-pixbuf, file, ndisasm, less Gynvael Coldwind (Nov 19)
    - Re: RE: [security-vendor] Re: [oss-security] Fuzzing findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP, gdk-pixbuf, file, ndisasm, less Joshua Rogers (Nov 19)
    - Re: RE: [security-vendor] Re: [oss-security] Fuzzing findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP, gdk-pixbuf, file, ndisasm, less Sven Kieske (Nov 20)
- Re: Fuzzing findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP, gdk-pixbuf, file, ndisasm, less Alexander Cherepanov (Nov 20)
  - Re: Fuzzing findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP, gdk-pixbuf, file, ndisasm, less Hanno Böck (Nov 20)