Vulnerabilities Research Group

Meeting Notes
Wednesday, July 22, 1998

tentative minutes; not yet approved

Present: Matt Bishop, Mike Fitzgrerald (notetaker), Todd Heberlein, Keith Herold, David O'Brien, Jeff Rowe, Omar Vanegas, Theresa White,

Meeting began at 11:00AM
  1. Previous Business
    1. none
  2. Presentation (Matt)
  3. Review of Intrusion Detection and Response Data Sharing Workshop
    1. Distributed executive summary (see proceedings or web page,
  4. Vulnerabilities Database
    Matt plans a release at the end of the summer, of vulnerability data only (no attack data or signatures); aim is to have about 60 entries in it.
  5. Bug of the week
    Keith discussed an imapd vulnerability having to do with buffer overflow. The problems is that imapd takes 8K of data and tries to put it into a 1K buffer. This version of imapd was distributed with pine version 4.0, and a patch has already been distributed
Meeting adjourned at 11:45AM
Send email to
Matt Bishop
Department of Computer Science
University of California at Davis
Davis, CA 95616-8562

Page last modified on 8/4/98