Aug 23, 2010

Client-side expoit demonstration videos

NSS has been testing exploits and exploit-detection/protection products for the last 10 years or so, dating back to the early days of IDS and IPS . It's arguably one of our specialties. And we have written before about the differences between malware, exploits and vulnerabilities. Yet, as these pernicious threats are elevated into mainstream consumer and enterprise awareness, we are seeing quite a bit of terminology confusion. So, for our latest Host Intrusion Prevention System (HIPS) test of enterprise anti-malware products, we created some demonstration videos of client-side exploits used in the test.




Product
Vulnerability
Video Demonstration

Panda
CVE-2010-0249
http://www.youtube.com/watch?v=VPEzOZniuls

Panda
CVE-2010-0806
http://www.youtube.com/watch?v=_fstkScB7YM

F-Secure
CVE-2010-0249
http://www.youtube.com/watch?v=DdvtTuwfa5I

ESET
CVE-2006-0003
http://www.youtube.com/watch?v=U9WRkQyZvb8

Sophos
CVE-2006-4704
http://www.youtube.com/watch?v=F2gfNLzqBwg

Symantec
CVE-2010-0483
http://www.youtube.com/watch?v=RqQLmKI_R30




Posted by at
Labels: , , ,