Metasploit offers bounty for exploits
The Metasploit team is looking for exploits for 30 security vulnerabilities, for which it is offering bounties of up to $500 each. The vulnerabilities in question have already been fixed by the respective vendors, but as most were reported directly to those vendors, specific details were never made public. Exploit developers and contributors can claim a vulnerability, which gives them one week to work on a module and deliver a suitable exploit.
Should they fail to do so, the exploit will no longer be reserved and will be open again to the community. The top five vulnerabilities for which the team is offering the maximum bounty include a vulnerability affecting DNS name queries in Windows; this can be exploited by an attacker on the same network using crafted broadcast packets to take control of another computer. The team is also offering the maximum bounty for vulnerabilities in Windows' GDI+ library, Lotus Notes, IBM Tivoli Directory Server and Google Chrome.
At the time of writing, contributors have already been found for four of the top five vulnerabilities, with only the Chrome vulnerability so far failing to find any takers. There are still a number of $100 vulnerabilities available as well. The exploits must be submitted as Metasploit modules and, where necessary, be able to bypass the Windows address space layout randomisation (ASLR) and data execution prevention (DEP) features.
The latest stable release of the Metasploit exploit framework is version 3.7.1. Metasploit is released under a 3-clause BSD license.