[ Technology Blogs Articles News Reviews ]

www Technoclicks.com
Post Tech Blog Article News Reviews

Top Articles

Bug Bounty Hunters Spot Flaw In Linux AV

Posted by iTech - 2006-01-15

3Com has identified a vulnerability in a popular Linux anti-virus program, the fourth time bug bounty hunters have cashed in on the reward the company's TippingPoint division pays for digging up software flaws.

Since July 2005, TippingPoint has paid researchers for uncovering vulnerabilities. The program, dubbed "Zero Day Initiative," to make clear it was only forking over cash for zero-day bugs, doesn't publish a reward rate structure. 3Com uses the information it acquires from the bounties to add protection via its Digital Vaccine service.

"The ClamAV vulnerability is the fourth vendor vulnerability disclosed through ZDI with a corresponding patch," said David Endler, director of security research for TippingPoint, in a statement. "By ensuring threat information remains confidential until a patch can be issued, we are helping strengthen security for all technology users and reducing the risk of zero day attacks."

Tipping Point notified the developers of the open-source ClamAV anti-virus program of the bug in mid-December. On Monday, the group posted a security update to fix the heap overflow flaw.

iDefense, a security intelligence company owned by VeriSign, also has a bug bounty program.

Related Category :

Security ||

Next ....: ID Fraud Overblown, Says Online Banking Business

:: Previous Articles
:: Symantec Denies It Uses Rootkit In Software
:: Viisage, Identix Merging To Form Biometric ID Giant
:: Microsoft's Newest Bug Could Be Awful, Researcher Says

Recent Articles



Home | | Members | Search | Upadtes | RSS | Tags | Site Map | Tags | Conact

© Technoclicks.com - All rights reserved.