In previous blogs, I’ve talked about using code coverage as one metric for assessing the effectiveness of fuzzing. While protocol specifications and application definitions can be used for fuzzing, the interdependencies of fields and messages within protocols, including state, are not always obvious. For example, when looking at the telnetd source, it’s pretty obvious that you need to send 4 or 5 primary telnet options before the server will enter the main loop. The source also shows that no matter what you do with the XDISPLAYLOC telnet option, you are wasting time, since the server simply passes the value to setenv.
Archive for March 2007
Remote DOS in Asterisk SIP
The Mu Security Research Team released advisory “MU-200703-01” today. Details: http://labs.musecurity.com/advisories/MU-200703-01.txt
