https://bugzilla.redhat.com/show_bug.cgi?id=832698

Bug ID: 832698
QA Contact: extras-qa@xxxxxxxxxxxxxxxxx
Severity: medium
Version: rawhide
Priority: medium
CC: notting@xxxxxxxxxx, package-review@xxxxxxxxxxxxxxxxxxxxxxx
Assignee: nobody@xxxxxxxxxxxxxxxxx
Summary: Review Request: CERT Triage tools - a gdb extension similar to microsoft's !exploitable
Regression: ---
Story Points: ---
Classification: Fedora
OS: Linux
Reporter: bressers@xxxxxxxxxx
Type: ---
Documentation: ---
Hardware: All
Mount Type: ---
Status: NEW
Component: Package Review
Product: Fedora

Spec URL: http://fedorapeople.org/~bressers/exploitable-review/exploitable.spec
SRPM URL: http://fedorapeople.org/~bressers/exploitable-review/exploitable-1.01-1.fc16.src.rpm
Description: CERT Triage tools, which currently only contain a gdb extension called exploitable
Fedora Account System Username: bressers

I've packaged up CERT's Triage tools, which are really just a gdb extension right now. The package installs an extension specific python module, and a script into /usr/bin.

The script doesn't currently have a man page (it's on my list). I wanted to start the review now as I'm certain this will need some work.

The extension basically will show the user if their application crash is exploitable or not (it's certainly not perfect, but getting this to a wider audience should help improve it greatly).

For example:

bress@localhost ~ % cert-triage /tmp/test
warning: Current output protocol does not support redirection
Description: Access violation near NULL on destination operand
Short description: DestAvNearNull (14/21)
Hash: f7ba00781cd7cb6b8ae2fbf50d65e661.f7ba00781cd7cb6b8ae2fbf50d65e661
Exploitability Classification: PROBABLY_EXPLOITABLE
Explanation: The target crashed on an access violation at an address matching the destination operand of the instruction. This likely indicates a write access violation, which means the attacker may control write address and/or value. However, it there is a chance it could be a NULL dereference.
Other tags: AccessViolation (20/21)

Additionally this can be run directly from gdb via the 'exploitable' command.

Thanks.
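An added example, not part of the original message or of the CERT tools: a small parser for the report format shown in the message, for collecting such reports across many crash files. The names parse_report and dedupe are hypothetical, the "numbers" key simply stores the two values in parentheses (the message does not explain them), and grouping by Hash assumes that equal hashes identify the same crash, which the message does not state.

```python
import re
from collections import defaultdict

# Field labels exactly as they appear in the report quoted in the message.
FIELDS = ("Description", "Short description", "Hash",
          "Exploitability Classification", "Explanation", "Other tags")
FIELD_RE = re.compile(r"^(%s): ?(.*)$" % "|".join(map(re.escape, FIELDS)))
RANK_RE = re.compile(r"^(\S+) \((\d+)/(\d+)\)$")

# The report from the message; the Explanation is wrapped by hand (constructed)
# to exercise continuation-line handling.
SAMPLE = """\
warning: Current output protocol does not support redirection
Description: Access violation near NULL on destination operand
Short description: DestAvNearNull (14/21)
Hash: f7ba00781cd7cb6b8ae2fbf50d65e661.f7ba00781cd7cb6b8ae2fbf50d65e661
Exploitability Classification: PROBABLY_EXPLOITABLE
Explanation: The target crashed on an access violation at an address matching the destination
operand of the instruction. This likely indicates a write access violation, which means the
attacker may control write address and/or value. However, it there is a chance it could be a NULL dereference.
Other tags: AccessViolation (20/21)
"""


def parse_report(text):
    """Parse one report; lines before the first field (gdb warnings) are skipped."""
    report, current = {}, None
    for line in map(str.strip, text.splitlines()):
        m = FIELD_RE.match(line)
        if m:
            current = m.group(1).lower().replace(" ", "_")
            report[current] = m.group(2)
        elif current and line:
            report[current] += " " + line  # continuation of a wrapped value
    if "exploitability_classification" not in report:
        raise ValueError("no Exploitability Classification field found")
    m = RANK_RE.match(report.get("short_description", ""))
    if m:  # "DestAvNearNull (14/21)" -> tag plus the two numbers, kept as-is
        report["tag"] = m.group(1)
        report["numbers"] = (int(m.group(2)), int(m.group(3)))
    return report


def dedupe(reports):
    """Group parsed reports by Hash (assumption: equal hash = same crash)."""
    groups = defaultdict(list)
    for r in reports:
        groups[r.get("hash", "<no hash>")].append(r)
    return dict(groups)
```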