Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
Bug Bounty Hunters Spot Flaw In Linux AV
The flaw affects the open source ClamAV. 3Com's TippingPoint unit pays for digging up zero-day security holes.
January 13, 2006
1 Min Read
3Com has identified a vulnerability in a popular Linux anti-virus program, the fourth time bug bounty hunters have cashed in on the reward the company's TippingPoint division pays for digging up software flaws.
Since July 2005, TippingPoint has paid researchers for uncovering vulnerabilities. The program, dubbed "Zero Day Initiative," to make clear it was only forking over cash for zero-day bugs, doesn't publish a reward rate structure. 3Com uses the information it acquires from the bounties to add protection via its Digital Vaccine service.
"The ClamAV vulnerability is the fourth vendor vulnerability disclosed through ZDI with a corresponding patch," said David Endler, director of security research for TippingPoint, in a statement. "By ensuring threat information remains confidential until a patch can be issued, we are helping strengthen security for all technology users and reducing the risk of zero day attacks."
iDefense, a security intelligence company owned by VeriSign, also has a bug bounty program.
You May Also Like
State of ITSM in Retail
7 Network Monitoring Use Cases
MontanaPBS Shifts to Agile Broadcasting With Help from Raritan KVM Solutions
KVM SwitchÂ High Performance Applications with Dominion KX III
Solution Brief: Fortinet FortiFlex Delivers Usage-Based Security Licensing That Moves at the Speed of Digital Accelerationâ€‹