Vulnerability Development mailing list archives

Techniques for Vulneability discovery

From: "kaipower" <kaipower () subdimension com>
Date: Fri, 5 Apr 2002 09:04:33 +0800

Hi,

After reading the mailing list for quite a while, there is a burning
question which I kept asking myself:

How do experts discover vulnerabilities in a system/software?

Some categories of vulnerabilities that I am aware of:
1) Buffer overflow (Stack or Heap)
2) Mal access control and Trust management
3) Cross site scripting
4) Unexpected input - e.g. SQL injection?
5) Race conditions
6) password authentication

Do people just run scripts to brute force to find vulnerabilities? (as in
the case of Buffer overflows)
Or do they do a reverse engineer of the software?

How relevant is reverse engineering in this context?

Anybody out there care to give a methodology/strategy in finding
vulnerabilities?

Mike



_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

Current thread:

Techniques for Vulneability discovery kaipower (Apr 04)
- RE: Techniques for Vulnerability discovery Oliver Petruzel (Apr 05)
  - Re[2]: Techniques for Vulnerability discovery dullien (Apr 06)
  - Re[2]: Techniques for Vulnerability discovery dullien (Apr 06)
  - RE: Techniques for Vulnerability discovery Leon (Apr 08)
- Re: Techniques for Vulneability discovery Florian Hobelsberger / BlueScreen (Apr 05)
- Re: Techniques for Vulneability discovery Josha Bronson (Apr 05)
- Re: Techniques for Vulneability discovery LS (Apr 05)
  - RE: Techniques for Vulneability discovery Pedro Hugo (Apr 05)
    - Re: RE: Techniques for Vulneability discovery LS (Apr 08)
- RE: Techniques for Vulneability discovery Marc Maiffret (Apr 05)

(Thread continues...)