The tool will make it easier to detect flaws in libraries

Nov 22, 2011 15:42 GMT
The vulnerability and bug detection tool might make Linux a lot safer and more reliable

Silvio Cesare, a researcher from Australia, has developed a tool capable of identifying bugs and weaknesses that might be hiding in Linux libraries.

According to SC Magazine, the script created by Cesare correlates Common Vulnerabilities and Exposures (CVE) entries for third-party libraries to determine whether the vulnerabilities were patched or not.

By using graph theory and fuzzy hashing, the tool is able to identify relationships between source packages and perform a thorough analysis that can show whether a flaw still exists or not.
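The idea described above, linking packages that carry near-identical source files and then checking those links against advisories, is illustrated here as an added example; it is not Cesare's tool or code from the original article. It substitutes token-shingle Jaccard similarity for a real fuzzy hash, and the package names, source snippets, threshold and CVE placeholder are all constructed assumptions.

```python
import re
from itertools import combinations

K = 4            # shingle width in tokens (assumed value)
THRESHOLD = 0.5  # similarity needed to link two packages (assumed value)

def shingles(source):
    """Set of K-token windows; a simple stand-in for a fuzzy hash digest."""
    tokens = re.findall(r"\w+|[^\w\s]", source)
    return {tuple(tokens[i:i + K]) for i in range(len(tokens) - K + 1)}

def similarity(a, b):
    """Jaccard similarity of two source files' shingle sets (0.0 to 1.0)."""
    sa, sb = shingles(a), shingles(b)
    return len(sa & sb) / len(sa | sb) if (sa or sb) else 0.0

def build_graph(packages):
    """Undirected graph with an edge where two packages share a near-identical file."""
    graph = {name: set() for name in packages}
    for p, q in combinations(packages, 2):
        if any(similarity(f, g) >= THRESHOLD
               for f in packages[p].values() for g in packages[q].values()):
            graph[p].add(q)
            graph[q].add(p)
    return graph

def untracked_copies(graph, advisories):
    """Per advisory: packages linked to the vulnerable library but not listed as tracked."""
    return {cve: sorted(graph[adv["library"]] - set(adv["tracked"]))
            for cve, adv in advisories.items()}

# Constructed sample data: not real packages, code or CVE identifiers.
LIB = """
int decode(unsigned char *buf, int len) {
    int i, total = 0;
    for (i = 0; i < len; i++) { total += buf[i] << 1; }
    return total;
}
"""
LOGGER = "void log_line(const char *msg) { fputs(msg, stderr); fputc(10, stderr); }"
PACKAGES = {
    "libdecode": {"decode.c": LIB},
    "appA": {"vendor/decode.c": LIB.replace("int decode(", "int app_decode(")},
    "appB": {"log.c": LOGGER},
    "appC": {"third_party/decode.c": LIB},
}
ADVISORIES = {"CVE-PLACEHOLDER-0001": {"library": "libdecode", "tracked": ["libdecode", "appC"]}}

if __name__ == "__main__":
    print(untracked_copies(build_graph(PACKAGES), ADVISORIES))
```

A flagged package is only a candidate: the copy may already carry the fix, so each hit still needs a quick manual check.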

Vulnerability detection processes have been very slow up until now, and Cesare believes his new technique is not only faster, but much more reliable.

Even though the tool produces a lot of false positive results, identifying such a result takes only a few seconds, which still makes his method much faster than any manual process.

During tests, he managed to find 30 vulnerabilities in Linux platforms, five of which were in Debian and Fedora and another one in a library utilized by Mozilla.