Home

XFORCE

zip

IRL Name: 
Neel Mehta
Biography: 

Accredited for finding numerous vulnerabilities for IBM Internet Security Systems; while working on their team code named XFORCE. He is now a Google Engineer.

Examples of vulnerabilities worked on: (either by himself or with his group):
Found Heap based buffer overflow of Common Management Agent
ClamAV Library Remote Heap Overflows Security Advisory
Multiple Remote Vulnerabilities in BIND4 and BIND8

Most famous for his skills with Reverse Engineering, finding the Heartbleed bug and binary source code auditing.

References

http://74.125.95.104/search?q=cache:We9ph3gs0p4J:cansecwest.com/core05/0...

https://knowledge.mcafee.com/article/763/613366_f.SAL_Public.html

http://unjobs.org/authors/neel-mehta

http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html

duke

IRL Name: 
Mark Dowd
Biography: 

Accredited for finding numerous vulnerabilities for IBM Internet Security Systems; while working on their team code named XFORCE.

Found Adobe flash player invalid pointer vulnerability, as well as buffer overflows in the following software: Sendmail, Microsoft Exchange, OpenSSH, Internet Explorer, Mozilla, Checkpoint VPN, and Windows Encryption software.

Proved that you can exploit NULL pointer dereferences in applications coded in high-level programming languages.

Pictures: 
References

http://www.iss.net/threats/289.html

http://www.informit.com/authors/author_bio.aspx?ISBN=0321444426

http://www.blackhat.com/html/bh-usa-02/bh-usa-02-speakers.html#Dowd

http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1310...

Syndicate content