software vulnerabilities
at: http://2010.confidence.org.pl/agenda.
Among the many distinguished speakers, you can find:
########## SPEAKERS ##########
# Jacob Appelbaum - "Anonymity, Privacy, and Circumvention with Tor in the Real World
# Ulascan Aytlolun, Celil ‘karak0rsan’ Ünüver - "Analysis of Software Vulnerabilities"
# Axelle Apvrille - "The Four Horsemen – Malware for mobile"
# Frank Breedijk - "PKI is dead, long live PKI"
# Jesse Burns - "Aurora attacks" and "Android Reverse Engineering"
# Gynvael Coldwind - "Case study of recent Windows vulnerabilities"
# Sebastian Fernandez - "General notes about exploiting Windows x64"
Attacking Software
* Vulnerability discovery (and automating it!)
* Non-x86 exploitation
* Fuzzing with SMT and its limits
* New classes of software vulnerabilities and new methods to detect
software bugs (source or binary based)
* Reverse Engineering tools and techniques
* Static analysis (source or binary, Lattices to blind analysis, new
languages and targets strongly encouraged)
* Unpacking
bundled publication includes seven Security Advisories. All the
advisories address vulnerabilities in Cisco IOS Software. Each
advisory lists the releases that correct the vulnerability or
vulnerabilities detailed in the advisory. The table at the following
URL lists releases that correct all Cisco IOS Software
vulnerabilities that have been published on March 24, 2010, or
earlier:
http://www.cisco.com/warp/public/707/cisco-sa-20100324-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
CVE: FSC20090609-01
Vendor: MS09-021
10. About TELUS Security Labs Vulnerability Research Service
The Vulnerability Research Service (VRS) gives an in-depth understanding of the mechanisms and properties of software vulnerabilities. This service provides lab-based analysis of vulnerabilities based on disassembly, protocol analysis, and source-code analysis.
Our vulnerability data enables security product vendors to deliver product updates without the need for additional research. This data also gives MSPs and enterprise security teams the tools and knowledge to more effectively protect their environments without time-consuming research.
http://telussecuritylabs.com/vulnerabilities
advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The
following table lists releases that correct all Cisco IOS Software
vulnerabilities that have been published on September 23, 2009, or
earlier.
http://www.cisco.com/warp/public/707/cisco-sa-20090923-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
the advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses vulnerabilities in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The table
at the following URL lists releases that correct all Cisco IOS
Software vulnerabilities that have been published on September 22,
2010, or earlier:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The
following table lists releases that correct all Cisco IOS Software
vulnerabilities that have been published on September 23, 2009, or
earlier.
http://www.cisco.com/warp/public/707/cisco-sa-20090923-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The
following table lists releases that correct all Cisco IOS Software
vulnerabilities that have been published on September 23, 2009, or
earlier.
http://www.cisco.com/warp/public/707/cisco-sa-20090923-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
bundled publication includes seven Security Advisories. All the
advisories address vulnerabilities in Cisco IOS Software. Each
advisory lists the releases that correct the vulnerability or
vulnerabilities detailed in the advisory. The table at the following
URL lists releases that correct all Cisco IOS Software
vulnerabilities that have been published on March 24, 2010, or
earlier:
http://www.cisco.com/warp/public/707/cisco-sa-20100324-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The
following table lists releases that correct all Cisco IOS Software
vulnerabilities that have been published on September 23, 2009, or
earlier.
http://www.cisco.com/warp/public/707/cisco-sa-20090923-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
Note: The March 25, 2009, Cisco IOS Security Advisory bundled
publication includes eight Security Advisories. All of the advisories
address vulnerabilities in Cisco IOS Software. Each advisory lists
the releases that correct the vulnerability or vulnerabilities in the
advisory. The following table lists releases that correct all Cisco
IOS Software vulnerabilities that have been published in Cisco
Security Advisories on March 25, 2009, or earlier.
http://www.cisco.com/warp/public/707/cisco-sa-20090325-bundle.shtml
Individual publication links are listed below:
Note: The March 25, 2009, Cisco IOS Security Advisory bundled
publication includes eight Security Advisories. All of the advisories
address vulnerabilities in Cisco IOS Software. Each advisory lists
the releases that correct the vulnerability or vulnerabilities in the
advisory. The following table lists releases that correct all Cisco
IOS Software vulnerabilities that have been published in Cisco
Security Advisories on March 25, 2009, or earlier.
http://www.cisco.com/warp/public/707/cisco-sa-20090325-bundle.shtml
Individual publication links are listed below:
advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The
following table lists releases that correct all Cisco IOS Software
vulnerabilities that have been published on September 23, 2009, or
earlier.
http://www.cisco.com/warp/public/707/cisco-sa-20090923-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
bundled publication includes seven Security Advisories. All the
advisories address vulnerabilities in Cisco IOS Software. Each
advisory lists the releases that correct the vulnerability or
vulnerabilities detailed in the advisory. The table at the following
URL lists releases that correct all Cisco IOS Software
vulnerabilities that have been published on March 24, 2010, or
earlier:
http://www.cisco.com/warp/public/707/cisco-sa-20100324-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
the advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses vulnerabilities in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The table
at the following URL lists releases that correct all Cisco IOS
Software vulnerabilities that have been published on September 22,
2010, or earlier:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
the advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses vulnerabilities in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The table
at the following URL lists releases that correct all Cisco IOS
Software vulnerabilities that have been published on September 22,
2010, or earlier:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The
following table lists releases that correct all Cisco IOS Software
vulnerabilities that have been published on September 23, 2009, or
earlier.
http://www.cisco.com/warp/public/707/cisco-sa-20090923-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The
following table lists releases that correct all Cisco IOS Software
vulnerabilities that have been published on September 23, 2009, or
earlier.
http://www.cisco.com/warp/public/707/cisco-sa-20090923-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
the advisories address vulnerabilities in Cisco IOS Software and one
advisory addresses vulnerabilities in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The table
at the following URL lists releases that correct all Cisco IOS
Software vulnerabilities that have been published on September 22,
2010, or earlier:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
[*] Attacking Software
* Automating vulnerability discovery
* The business of the 0-day market
* Non-x86 exploitation
* New classes of software vulnerabilities and new methods to detect
software bugs (source or binary based)
* Static and Dynamic binary or source-based analysis
* Current exploitation on Gnu/Linux WITH GRsecurity/SElinux/
OpenWall/SSP
and other current protection methods
Note: The March 25, 2009, Cisco IOS Security Advisory bundled
publication includes eight Security Advisories. All of the advisories
address vulnerabilities in Cisco IOS Software. Each advisory lists
the releases that correct the vulnerability or vulnerabilities in the
advisory. The following table lists releases that correct all Cisco
IOS Software vulnerabilities that have been published in Cisco
Security Advisories on March 25, 2009, or earlier.
http://www.cisco.com/warp/public/707/cisco-sa-20090325-bundle.shtml
Individual publication links are listed below:
Note: The March 25, 2009, Cisco IOS Security Advisory bundled
publication includes eight Security Advisories. All of the advisories
address vulnerabilities in Cisco IOS Software. Each advisory lists
the releases that correct the vulnerability or vulnerabilities in the
advisory. The following table lists releases that correct all Cisco
IOS Software vulnerabilities that have been published in Cisco
Security Advisories on March 25, 2009, or earlier.
http://www.cisco.com/warp/public/707/cisco-sa-20090325-bundle.shtml
Individual publication links are listed below:
the advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses vulnerabilities in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The table
at the following URL lists releases that correct all Cisco IOS
Software vulnerabilities that have been published on September 22,
2010, or earlier:
http://www.cisco.com/warp/public/707/cisco-sa-20100922-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The
following table lists releases that correct all Cisco IOS Software
vulnerabilities that have been published on September 23, 2009, or
earlier.
http://www.cisco.com/warp/public/707/cisco-sa-20090923-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
Note: The March 25, 2009, Cisco IOS Security Advisory bundled
publication includes eight Security Advisories. All of the advisories
address vulnerabilities in Cisco IOS Software. Each advisory lists
the releases that correct the vulnerability or vulnerabilities in the
advisory. The following table lists releases that correct all Cisco
IOS Software vulnerabilities that have been published in Cisco
Security Advisories on March 25, 2009, or earlier.
http://www.cisco.com/warp/public/707/cisco-sa-20090325-bundle.shtml
Individual publication links are listed below:
advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The
following table lists releases that correct all Cisco IOS Software
vulnerabilities that have been published on September 23, 2009, or
earlier.
http://www.cisco.com/warp/public/707/cisco-sa-20090923-bundle.shtml
Individual publication links are in "Cisco Event Response: Semiannual
|
