Symantec released this whitepaper back in Oct 2006 by Virus Bulletin Conference.
http://www.symantec.com/avcenter/reference/me.code.write.good.pdf
It deals with the buggy code that can commonly be found in worms / viruses.
It is an interesting read, but I was sad to see one big virus bug missing.
The Sasser FTPD Exploit. The exploit attacked a buffer overflow in the FTPD server installed and used by almost all major variants of the Sasser worm.
I remember when that exploit was released and it was just too funny...an exploit created for a vulnerability in a virus that was designed to target another operating system vulnerability.
Irony is funny sometimes...
No comments:
Post a Comment