14 DAY TRIAL // The nominations for security industry's 2011 Pwnie Awards have been announced and there are a lot of interesting vulnerabilities being considered for a prize.
The Pwnies were founded in 2007 by renowned security researchers Alexander Sotirov and Dino Dai Zovi. The award ceremony is held every year during the Black Hat USA security conference in Las Vegas.
There will be nine awards handed out this year for best server-side bug, best client-side bug, best privilege escalation bug, most innovative research, lamest vendor response, best song, most epic fail, epic 0wnage and lifetime achievement.
The best server-bug award will be disputed by Juliano Rizzo's and Thai Duong's padding oracle exploit in ASP.NET, Matt Bergin server heap overflow in Microsoft FTP, Sebastian Krahmer's and Marius Tomaschewski's metacharacter injection in ISC's dhclient, Tavis Ormandy's BSD-derived IPComp encapsulation stack overflow and the Exim remote code execution flaw discovered in the wild.
In the best client-side bug the nominees are the FreeType vulnerability in iOS discovered and exploited by comex to create JailbreakMe 3.0, VUPEN's alleged Chrome sandbox bypass, Frédéric Hoguin's Java mismatched codebase arbitrary code execution, the BlackBerry exploit that earned Vincenzo Iozzo, Willem Pinckaers, Ralf-Phillipp Weinmann a prize at Pwn2Own and the extremely dangerous Android Market XSS discovered by Jon Oberheide.
The best privilege escalation bug award will go to ether Matthew 'j00ru' Jurczyk for his privilege escalation flaw in Windows CSRSS, Nelson Elhage for a set_fs Linux kernel memory overwrite, Tavis Ormandy for a $ORIGIN privilege escalation in Linux, or Tarjei Mandt for multiple win32k user-mode callback vulnerabilities.
The most innovative research catagory also has strong contestants like Jon Oberheide and Dan Rosenberg for their Linux kernel exploitation techniques dubbed as stackjacking, Haifei Li for his work with the exploitation of Flash ActionScript vulnerabilities, Aaron Portnoy and Logan Brown for their reverse engineering research in Adobe Shockwave, Piotr Bania for his static binary rewriting and program shepherding techniques under Windows, and Chris Valasek for his work with the Low Fragmentation Heap in Vista and Windows 7.
The lamest vendor response award is disputed between Novell, Magix and RSA Security, the best song category has many strong entries so it might go either way, Sony is the sole nominee for most epic fail award, while Anonymous, LulzSec, Stuxnet and Bradley Manning are figthing it for the most epic 0wnage bragging rights.