[fuzzing] MoKB take?
Gadi Evron
ge at linuxbox.org
Tue Nov 7 07:35:16 CST 2006
Hi guys. I've been following the month of kernel bugs rather closely. Very
interesting.
The fuzzers they use seem interesting, but some of the vulnerabilities
don't seem like they were found with a fuzzer, such as for example the gdi
local exploit? They did ask for others to participate, though.
What's your take on this? Are we going to see more file system,
etc. fuzzers around? The MoKB guys seem to be developing their tools
further.
I also wonder on how effective they are, and if 30 is indeed the number of
what can be found with them, or if more (a lot more?) is hiding and
waiting to be discovered.
From: http://projects.info-pull.com/mokb/
fsfuzzer-0.6
Linux version of fsfuzzer. Supports most popular filesystems (ntfs, ext3,
ext2, vfat, iso9660, etc). GPG encrypted (with symmetric cipher) list of
the bugs found in Linux as of 23 October 2006. *BSD (FreeBSD,
NetBSD...) version of fsfuzzer. Supports most popular filesystems (ntfs,
ext3, ext2, iso9660, ufs, etc).
fs-bugs-23-10-2006
GPG encrypted (with symmetric cipher) list of the bugs found in Linux as
of 23 October 2006.
fsfuzzer-bsd-0.1
*BSD (FreeBSD, NetBSD...) version of fsfuzzer. Supports most popular
filesystems (ntfs, ext3, ext2, iso9660, ufs, etc).
More information about the fuzzing
mailing list