Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <546DAC0A.7010508@mittwald.de>
Date: Thu, 20 Nov 2014 09:53:30 +0100
From: Sven Kieske <s.kieske@...twald.de>
To: <oss-security@...ts.openwall.com>
Subject: Re: RE: [security-vendor] Re: Fuzzing
 findings (and maybe CVE requests) - Image/GraphicsMagick, elfutils, GIMP,
 gdk-pixbuf, file, ndisasm, less



On 19/11/14 08:19, Gynvael Coldwind wrote:
> To be honest I would love to see all AV security tested, not just the open
> source one. If they claim they make people more secure, it would be great
> to know that that is backed by e.g. fuzzing and bug bounty programs.

Well in case you missed it: breaking antivirus software
from the syscan360 conference:
http://www.syscan360.org/slides/2014_EN_BreakingAVSoftware_JoxeanKoret.pdf

He searched in 17 AV programs and found
critical exploits in 14.

very interesting read.

-- 
Mit freundlichen Grüßen / Regards

Sven Kieske

Systemadministrator
Mittwald CM Service GmbH & Co. KG
Königsberger Straße 6
32339 Espelkamp
T: +49-5772-293-100
F: +49-5772-293-333
https://www.mittwald.de
Geschäftsführer: Robert Meyer
St.Nr.: 331/5721/1033, USt-IdNr.: DE814773217, HRA 6640, AG Bad Oeynhausen
Komplementärin: Robert Meyer Verwaltungs GmbH, HRB 13260, AG Bad Oeynhausen

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.