Sourcefire VRT

http://vrt-sourcefire.blogspot.com

The blog of the Sourcefire Vulnerability Research Team. We discuss vulnerabilities, exploitation, exploit detection and more. We also give our opinions on just about everything.

Recent Posts

  • DEP and Heap Sprays

    Posted on Thursday December 17th, 2009 at 16:13 in exploiting, byakugan

    Usually when you need to use a heap spray, you're SOL when it comes to DEP. The reason for this has to do with why you used the heap spray in the first place. In the case of a vtable overwrite you need a chain of pointers to get the job done. A ne...

  • Sourcefire VRT Labs

    Posted on Thursday December 17th, 2009 at 15:12 in labs

    We are opening the Sourcefire VRT Labs for business. We've had a few useful things floating around in the jungle for a while now and we decided to make everything available, in one place, for everyone to use. Right now, Labs has a few resources on it...

  • Adobe Reader media.newPlayer() Analysis (CVE-2009-4324)

    Posted on Tuesday December 15th, 2009 at 17:53 in adobe, exploitation, reader, acrobat

    First off, it's not Friday, and hopefully you'll have a better weekend. The reason for that is you are set with rules and clam sigs. Now what the heck am I talking about…. Last night Adobe released an advisory detailing an in-the-wild exploit for Adob...

  • Rule release for today - December 15th, 2009

    Posted on Tuesday December 15th, 2009 at 12:23 in adobe, rules, acrobat

    More problems with Adobe Acrobat and Acrobat Reader via the media.newPlayer function. Couple of rules to cover it, check here: http://www.snort.org/vrt/advisories/2009/12/15/vrt-rules-2009-12-15.html for more details and changelog. ...

  • Operation: Don't Tell Lurene We're Working On This

    Posted on Monday December 14th, 2009 at 12:52 in Security, development, detection, o:dtlwwot

    If you've been following this blog for a while, you might have noticed that Lurene only shows up when there is evil to be done. This is why she is here; she's really, really good at it. She is also the analyst team lead and makes sure we are all k...

  • I hope you're happy Bejtlich...you cost me a ton of sleep

    Posted on Friday December 11th, 2009 at 08:30 in conferences, sans

    So after two days of getting up at the crack of dawn, having to deal with other VRT folks before they've had their coffee and then driving through commuter traffic and getting on the Metro, I came home from the SANS Incident Detection Summit complete...
