Barry Irwin
SensePost
Aug
26
singIn an effort to learn more about the OSVDB and vulnerabilities in general, I applied to be a data mangler.
First off a definition:
Data Mangler: A "Data Mangler" is person whose responsibility is to mangle, or edit, a number of vulnerabilities each and every day. Data Manglers do a large amount of technical writing.
The documentation is pretty decent and the backend is very easy to use. It does require a lot of reading and it took me about 1.5 hours to mangle my first entry, and about 40 minutes to mangle the second. My profile is here, you get one point per successfully mangled vulnerability.
I have had three mangles accepted so far. They were both positive learning experiences, particularly about the specifics of exploitation, exploit dissemination and hacking groups, all things I have an idea of but researching them gives me much more insight. They are:
Data Mangler: A "Data Mangler" is person whose responsibility is to mangle, or edit, a number of vulnerabilities each and every day. Data Manglers do a large amount of technical writing.
The documentation is pretty decent and the backend is very easy to use. It does require a lot of reading and it took me about 1.5 hours to mangle my first entry, and about 40 minutes to mangle the second. My profile is here, you get one point per successfully mangled vulnerability.
I have had three mangles accepted so far. They were both positive learning experiences, particularly about the specifics of exploitation, exploit dissemination and hacking groups, all things I have an idea of but researching them gives me much more insight. They are:
- Winamp Skin File Local Zone Arbitrary Code Execution
- PHP-Nuke PhotoADay Module Input Validation Error Variable XSS
- Network Everywhere NR041 Router DHCP HOSTNAME Script Injection
Last modified on 2004-09-09 11:39
Schneier on Security: Friday Squid Blogging: Preserving Giant Squid
0 Trackbacks