- Przemysław Frasunek
Przemysław Frasunek (also known as venglin, born May 6, 1983) is a "
white hat " hacker andcomputer security expert fromPoland . He has been a frequentBugtraq poster since late in the 1990s [ [http://www.frasunek.com/#security WWW page on Frasunek's security research] ] , noted for one of the first published successful software exploits for theformat string bug class of attacks [ [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0573 Software exploit for the WU-FTPD format string vulnerability] ] [ [http://vulnerability.computer.science.en.wikivx.biz/ Software vulnerabilities' descriptions at wikivx.biz] ] , just after the first exploit of the person using nickname tf8 [ [http://marc.info/?l=bugtraq&m=96171893218000&w=2 tf8's version of the wu-ftpd 2.6.0 exploit] ] [scut / team-teso [http://julianor.tripod.com/bc/formatstring-1.2.pdf Exploiting Format String Vulnerabilities] v1.2 September 9, 2001] . Until that time the vulnerability was thought harmless.Reported Bugs
Notable vulnerabilities credited to Przemysław Frasunek:
* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0573 CVE-2000-0573] , Format string bug inWU-FTPD ("remote root exploit"), one of the first exploits for theformat string bug class of attacks. [ [http://diuf.unifr.ch/tns/teaching/SecurityThreads/Zindel_BufferOverflowAndFormatStrings.pdf Buffer Overflow & Format Strings - Seminar on Computer Security] ] .
* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0414 CVE-2001-0414] , Buffer overflow ("remote root exploit") in NTP server, affecting wide range of systems [ [http://www.cisco.com/warp/public/707/cisco-sa-20020508-ntp-vulnerability.pdf NTP vulnerability] , Cisco] [ [http://www.securityfocus.com/bid/2540 Vulnerabilities database] , Securityfocus] .
* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2072 CVE-2005-2072] , Privilege escalation ("local root exploit") affectingSun Solaris versions 8,9,10 andOpenSolaris operating systems, discovered two weeks after public release of theOpenSolaris [ [http://secunia.com/advisories/15841/ Secunia Advisory on Sun Solaris 8/9/10 vulnerability] ] .External links
* [http://www.frasunek.com Przemysław Frasunek's personal home page]
References
:
Wikimedia Foundation. 2010.
