Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Tippingpoint Releases Details on Unpatched Bugs - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Tippingpoint Releases Details on Unpatched Bugs

Tippingpoint, which operated the "Zero Day Initiative" bug bounty program released 22 vulnerabilities for which no patch is available [1]. Last year, Tippingpoint announced that they will release details 180 days after they are aware of a bug, even if the vendor has not yet released a patch.

The details released include a one paragraph description of the vulnerability, which in itself is usually not enough to come up with an exploit, but it may provide a pointer to re-discover the vulnerability. 

[1] http://www.zerodayinitiative.com/advisories/published/

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter

I will be teaching next: Intrusion Detection In-Depth - SANS Boston Summer 2019

Johannes

3576 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!