Archive: 2012

Forking and Joining Python Coroutines to Collect Coverage Data

• CERT/CC Blog
Jonathan Foote

In this post I'll explain how to expand on David Beazley's cobroadcast pattern by adding a join capability that can bring multiple forked coroutine paths back together. I'll apply this technique to create a modular Python script that uses gcov, readelf, and other common Unix command line utilities to gather code coverage information for an application that is being tested. Along the way I'll use ImageMagick under Ubuntu 12.04 as a running example....

A Look Inside CERT Fuzzing Tools

• CERT/CC Blog
Allen Householder

Hi, this is Allen Householder of the CERT Vulnerability Analysis team. If you've been following this blog for a while, you are probably familiar with our fuzzing tools: Dranzer, the CERT Basic Fuzzing Framework (BFF), and the CERT Failure Observation Engine (FOE). While creating tools that can find and analyze vulnerabilities makes up a significant portion of our work in the CERT Vulnerability Analysis team, our focus is on developing and communicating the knowledge we've...

Updates to CERT Fuzzing Tools (BFF 2.6 & FOE 2.0.1)

• CERT/CC Blog
Allen Householder

Hi everybody. Allen Householder from the CERT Vulnerability Analysis team here, back with another installment of "What's new in CERT's fuzzing frameworks?" Today we're announcing the release of updates of both our fuzzing tools, the CERT Basic Fuzzing Framework (BFF) version 2.6 and the CERT Failure Observation Engine (FOE) version 2.0.1. The remainder of this post describes the changes in more detail....

The Report "Network Profiling Using Flow" Released

• CERT/CC Blog
Austin Whisnant

Hi, this is Austin Whisnant of the CERT Network Situational Awareness Team (NetSA). After a long time in the making, NetSA has published an SEI technical report on how to inventory assets on a network using network flow data. Knowing what assets are on your network, especially those visible to outsiders, is an important step in gaining network situational awareness....

Java 7 Attack Vectors, Oh My!

• CERT/CC Blog
Art Manion

While researching how to successfully mitigate the recent Java 7 vulnerability (VU#636312, CVE-2012-4681), we (and by "we" I mean "Will Dormann") found quite a mess. In the midst of discussion about exploit activity and the out-of-cycle update from Oracle, I'd like to call attention to a couple other important points....

Java Security Manager Bypass Vulnerability

• CERT/CC Blog
Art Manion

Last Sunday, another major Java vulnerability (VU#636312) was reported. Until an official update is available, we strongly recommend disabling the Java 7 plug-in for web browsers. This vulnerability is bad news, at least for those of us trying to avoid phishing and drive-by browsing attacks. The vulnerability is caused by a logic bug that allows an applet to grant itself full privileges. More technical details are available in Vulnerability Note VU#636312....

CERT Failure Observation Engine 2.0 Released

• CERT/CC Blog
Allen Householder

Hi folks, Allen Householder from the CERT Vulnerability Analysis team here. Back in April, we released version 1.0 of the CERT Failure Observation Engine (FOE), our fuzzing framework for Windows. Today we're announcing the release of FOE version 2.0. (Here's the download.) Although it has only been a few months since we announced FOE 1.0, our development cycle is such that FOE 2.0 actually reflects nearly a year of additional improvements over the 1.0 release....

Vulnerability Data Archive

• CERT/CC Blog
Art Manion

With the hope that someone finds the data useful, we're publishing an archive of almost all of the non-sensitive vulnerability information in our vulnerability reports database....

CERT Basic Fuzzing Framework 2.5 Released

• CERT/CC Blog
Allen Householder

Hi folks, Allen Householder here. In addition to the recent introduction of our new Failure Observation Engine (FOE) fuzzing framework for Windows and Linux Triage Tools, we have updated the CERT Basic Fuzzing Framework (BFF) to version 2.5. This post highlights the significant changes....

CERT Linux Triage Tools 1.0 Released

• CERT/CC Blog
Jonathan Foote

As part of the vulnerability discovery work at CERT, we have developed a GNU Debugger (GDB) extension called "exploitable" that classifies Linux application bugs by severity. Version 1.0 of the extension is available for public download here. This blog post contains an overview of the extension and how it works....

CERT Failure Observation Engine 1.0 Released

• CERT/CC Blog
Allen Householder

In May 2010, CERT released the Basic Fuzzing Framework, a Linux-based file fuzzer. We released BFF with the intent to increase awareness and adoption of automated, negative software testing. An often-requested feature is that BFF support the Microsoft Windows platform. To this end, we have worked to create a Windows analog to the BFF: the Failure Observation Engine (FOE). Through our internal testing, we've been able to help identify, coordinate, and fix exploitable vulnerabilities in...

Vulnerability Severity Using CVSS

• CERT/CC Blog
Art Manion

If you analyze, manage, publish, or otherwise work with software vulnerabilities, hopefully you've come across the Common Vulnerability Scoring System (CVSS). I'm happy to announce that US-CERT Vulnerability Notes now provide CVSS metrics....

CNAME flux

• CERT/CC Blog
Jonathan Spring

Hello, this is Jonathan Spring. Recently, Leigh Metcalf and I uncovered some interesting results in our continuing work on properties of the Domain Name System (DNS). Our work involves an unconventional use of CNAME (canonical name) records. Besides an IP address, CNAME records are the only other location a domain may have in the DNS. Instead of an IP address, a CNAME record is a redirection or alias service that points to another name....
