|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Dailydave] The Week of Oracle Database Bugs
Anthony_Lineberry
McAfee.com
Date: Wed Nov 29 2006 - 14:29:20 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
1. Announce (yet another) time period of some kind of bugs
2. Collect 0days from the community
3. Cancel project!
4. ...
5. Profit!
-----Original Message-----
From: dailydave-bounceslists.immunitysec.com on behalf of Dude VanWinkle
Sent: Wed 11/29/2006 5:14 AM
To: Jared DeMott
Cc: dailydavelists.immunitysec.com; Dave Aitel
Subject: Re: [Dailydave] The Week of Oracle Database Bugs
update:
from: http://www.argeniss.com/woodb.html
The Week of Oracle Database Bugs
We are sad to announce that due to many problems the Week of Oracle
Database Bugs gets suspended.
We would like to ask for apologizes to people who supported this and
were really excited with the idea, also we would like to thank the
people who contributed with Oracle vulnerabilities.
-----------------------
thanks for the tip Ferg!
-JP
On 11/27/06, Jared DeMott <demottjamsu.edu> wrote:
> greets Sinan!
> >
> > I don't think there could be anything special or uber cool about a
> > fuzzer.
> Interesting. To say the least my hat goes off to the security/app dev
> community as a whole, because it seems that fuzzing is a fairly well
> understood action these days. Most know that passing a fuzz test
> doesn't == secure app, but it likely does mean we've cleared out the low
> hanging fruit, assuming we have a decent fuzzer for whatever we're testing.
>
> That said, I think there's still a lot of people fuzzing for both
> security and exploit research.
> >
> > I always assume there are millions out there that write better and
> > thousands more lines of C/python/ruby code than me every single day.
> > They have much more free time in their hands and the usual academic
> > buzz words (genetic algorithms etc.) to ponder on all day. OULU being
> > the prime example.
> ya, I hear ya bro -- creating the next generation of fuzzers is no easy
> task!!
> > There is no point in me targeting their share of the fish so instead
> > as somebody with tiny resources would, I go for the deep sea fish
> > which they never ever seem to catch with their sweeps since they don't
> > reach deep enough.
> I'd like to chat more with you offline on your methodology.
> >
> > It would be naive to think that you can outsmart all that lot and hunt
> > with similar tools and still believe it is uniquely yours.
> Hmm... great discussion!
> >
> > cheers,
> > sinan
> >
> >
>
> _______________________________________________
> Dailydave mailing list
> Dailydavelists.immunitysec.com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
>
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]