Przemysław Frasunek

Przemysław Frasunek (also known as venglin, born May 6, 1983) is a "white hat" hacker and computer security expert from Poland. He has been a frequent Bugtraq poster since late in the 1990s,^[1] noted for one of the first published successful software exploits for the format string bug class of attacks,^[2]^[3] just after the first exploit of the person using nickname tf8.^[4]^[5] Until that time the vulnerability was thought harmless.

Reported Bugs

Notable vulnerabilities credited to Przemysław Frasunek:

CVE-2000-0573, Format string bug in WU-FTPD (remote root exploit), one of the first exploits for the format string bug class of attacks.^[6]
CVE-2001-0414, Buffer overflow (remote root exploit) in NTP server, affecting wide range of systems.^[7]^[8]
CVE-2005-2072, Privilege escalation (local root exploit) affecting Sun Solaris versions 8,9,10 and OpenSolaris operating systems, discovered two weeks after public release of the OpenSolaris.^[9]

External links

Przemysław Frasunek's personal home page

References

^ WWW page on Frasunek's security research
^ Software exploit for the WU-FTPD format string vulnerability
^ Software vulnerabilities' descriptions at wikivx.biz
^ tf8's version of the wu-ftpd 2.6.0 exploit
^ scut / team-teso Exploiting Format String Vulnerabilities v1.2 September 9, 2001
^ Buffer Overflow & Format Strings - Seminar on Computer Security
^ NTP vulnerability, Cisco
^ Vulnerabilities database, Securityfocus
^ Secunia Advisory on Sun Solaris 8/9/10 vulnerability

Persondata
Name	Frasunek, Przemyslaw
Alternative names
Short description
Date of birth	May 6, 1983
Place of birth
Date of death
Place of death