Undercover Exploits (was: ITWE – UV) List Updates

Undercover Exploits were formerly known as "ITWE – UVs" (In the wild exploits against undercover vulnerabilities). The list is made up of vulnerabilities that were discovered due to a system compromise.

New Additions (10 total since 1988):

Old List:

  • 12/29/05 – WMF. (public information)
  • 12/04/03 – Rsync. (credit: David Goldsmith, Matasano)
  • 11/20/03 – do_brk() overflow. (credit: David Goldsmith, Matasano)
  • 3/18/03 – WebDAV. (publicly available information)
  • 9/3/98 – SunOS ToolTalk. (credit: TQBF, who never got the beer…)
  • 4/24/96 – rpc.statd. (double credit: TQBF – thanks again.)
  • 11/2/88 – Sendmail (credit: David Goldsmith, Matasano)
  • 11/2/88 – Fingerd (credit: David Goldsmith, Matasano)

Honorable Mention (which don’t quite make the list because the vulnerability information was not discovered due to an active exploit):

  • RealServer ../../../ overflow
  • Any of the Immunity VSC releases (Mac OS X Kernel Local, anyone?)
  • Samba bug that HDM got hacked with… [this may get elevated, I am not sure]
  • [Credits: Dave Aitel and Anton Chuvakin for the information]