Vulnerability detection device, vulnerability detection method, and vulnerability detection program
This vulnerability detection device (10) has a vulnerability extraction unit (12), a normalization processing unit (14), and a matching unit (15). The vulnerability extraction unit (12) extracts first program code that corresponds to a vulnerable part of software. The normalization processing unit (14) normalizes parameters included in the first program code extracted by the vulnerability extraction unit (12) and in second program code of software to be inspected for vulnerable parts. The matching unit (15) matches the normalized first program code with the normalized second program code in order to detect, within the second program code, the same or similar program code to the first program code.
Publication number: WO2016027641A1 | Search similar patents
Vulnerability assessment system, vulnerability assessment method, and vulnerability assessment program
The effect of software vulnerability is assessed in a system provided with a computer and network equipment. The vulnerability assessment system (10) assesses software vulnerability in a system to be assessed that is provided with a computer and network equipment. An affected software extraction unit (31) of the vulnerability assessment system (10) assesses whether the software of the system to be assessed is affected by vulnerability on the basis of a vulnerability information database (21) and a software database (24) of computer software. A direct path search unit (32) of the vulnerability assessment system (10) determines whether affected software can be attacked from an external network when it has been assessed by the affected software extraction unit (31) that the software of the system to be assessed is affected by the vulnerability.
Publication number: WO2012132125A1 | Search similar patents
vulnerability scanning method and device
Provided in an embodiment of the present invention are a vulnerability scanning method and device. The method comprises: a reverse scan proxy module obtains a client packet; the reverse scan proxy module sends the client packet to a vulnerability scanner, such that the vulnerability scanner identifies a vulnerability of the client according to the client packet; or the reverse scan proxy module identifies the vulnerability of the client according to the client packet, and sends the vulnerability of the client to the vulnerability scanner; the reverse scan proxy module receives a control signaling of the vulnerability scanner, changes an operating method and/or an operating mode according to the control signaling, and updates a vulnerability rule. The embodiment of the present invention obtains a client packet via a reverse scan proxy module, analyzes the client packet to identify a vulnerability existed in a client, and on the basis of a security problem of a remote detection server, adds the analysis on a client security problem, thus detecting the security of a whole network environment.
Publication number: WO2016095591A1 | Search similar patents
Mitigating vulnerabilities associated with return-oriented programming
The disclosed embodiments provide a system that operates a processor in a computer system. During operation, the system identifies one or more return sites associated with a call instruction of a software program. Next, the system restricts execution of a return from the call instruction by the processor to the one or more return sites.
Publication number: US2014283060A1 | Search similar patents
Vulnerability examining system
A vulnerability examining system for examining the vulnerability of a system to an attack through a network. The system comprises a server connected to a network and storing information and an agent and a computer connected to the network. A control agent operated by the computer acquires necessary information and the agent through the network according to a scenario given an instruction to start, builds an environment for executing the scenario in the computer, prepares vulnerability examination, and makes the vulnerability examination when the preparation is completed.
Publication number: WO2005124572A1 | Search similar patents
System and method for network vulnerability detection and reporting
A system and method provide comprehensive and highly automated testing of vulnerabilities to intrusion on a target network (310), including identification of operating system, identification of target network topology and target computers, identification of open target ports, assessment of vulnerabilities (364) on target ports, active assessment of vulnerabilities based on information acquired from target computers (344), quantitative assessment of target network security and vulnerability, and hierarchical graphical representation of the target network, target computers, and vulnerabilities in a test report. The system and method employ minimally obtrusive techniques to avoid interference with or damage to the target network during or after testing.
Publication number: EP1466248A1 | Search similar patents
Access point controller and control method thereof
Provided is a control method of an access point controller (APC), the method including: (a) if occurrence of a predetermined security vulnerability checking event on particular terminal equipment is sensed, controlling the plurality of APs so that port scanning is capable of being performed on the particular terminal equipment; and (b) determining that security vulnerability has occurred in the particular terminal equipment in at least one of a case where the predetermined port is opened, a case where the predetermined port is closed, and a case where the number of opened ports exceeds a predetermined number, as a result of performing port scanning on the particular terminal equipment.
Publication number: US2015143526A1 | Search similar patents
Vulnerability countermeasure device, and vulnerability countermeasure method
Provided is a vulnerability countermeasure device capable of assessing effects of vulnerability in order to prevent data from being interrupted more than necessary. The vulnerability countermeasure device stores configuration information which associates a plurality of computers connected across a network and software possessed by each computer, vulnerability information which associates the software with information that is related to the vulnerability of the software, and countermeasure policy information which associates the software with a countermeasure policy to be executed if there is a vulnerability in the software; calculates the computer at which data will arrive on the basis of information related to a path of the data included in the data which have been received from a used terminal; acquires software existing in the computer on the basis of the calculated computer and configuration information; assesses whether or not there is a vulnerability in the acquired software on the basis of the acquired software and the vulnerability information; and is provided with countermeasure means for executing a countermeasure to a vulnerability in accordance with a countermeasure policy with respect to the software which has been assessed to have the vulnerability.
Publication number: WO2013035181A1 | Search similar patents
Method of identifying software vulnerabilities on a computer system
A method of identifying a software vulnerability on a computer system is disclosed in which the computer system has software stored thereon and is connected to a management system over a computer network. The method comprises the steps of: applying an interrogation program to the software, the interrogation program being capable of exploiting a known software vulnerability if it is present in the software to which the interrogation program is applied; in the event that the software vulnerability is exploited by the interrogation program, operating the interrogation program to generate a set of management information from which can be derived the identification of the computer system; and sending the management information to the management system.
Publication number: US2004088565A1 | Search similar patents
Method and device for patching of vulnerability
The present invention discloses a method and a device for patching of vulnerability, which belong to the computer security field. The method includes: the vulnerability patching device detects whether vulnerability exists in a computer; the existent vulnerability is analyzed in order to obtain the level of the vulnerability, and the corresponding patching of the existent vulnerability is implemented according to the level of the vulnerability. The device includes: detecting module, analyzing module, and patching module. The present invention enables patching of vulnerability automatically when the vulnerability of the computer is detected, and manual operation is avoided through the whole patching process; so as to improve the user experience, help the user to patch the vulnerability of the computer instantly, and most adequately decrease the venture of the computer from being attacked by hacker while the user visits a network.
Publication number: WO2010105516A1 | Search similar patents
Method for protecting a software using a so-called variable principle against its unauthorised use
The invention concerns a method for protecting, from at least a unit, a vulnerable software against its unauthorised use, said vulnerable software operating on a data processing system. The method consists in creating a protected software: by selecting in the source of the vulnerable software at least a variable; by producing the source of the protected software by modifying the source of the vulnerable software, so that the selected variable becomes resident in a unit.
Publication number: EP1412861A2 | Search similar patents
Method to provide customized vulnerability information to a plurality of organizations
The present invention provides a means of providing computer security vulnerability information to a plurality of organizations such that the vulnerability information provided to each organization is customized to its network environment. Each organization has an Enterprise Server. An asset management module in each organization's Enterprise Servers sends device configuration information to a system at a Co-Location Facility. The Co-Location Facility system aggregates this data. Information concerning vulnerabilities is also gathered from computer equipment vendors on an ongoing basis. This vulnerability information is compared to the aggregated data from the organizations' Enterprise Servers, and only the vulnerability information relevant to each organization is delivered back to that organization. The delivered information is then used to customize the vulnerability assessment and management activities, including scanning, for each organization such that their activities are limited to vulnerabilities that are directly related to their environment.
Publication number: US2006101519A1 | Search similar patents
System and method for correlating log data to discover network vulnerabilities and assets
The system and method described herein relates to a log correlation engine that may cross-reference or otherwise leverage existing vulnerability data in an extensible manner to support network vulnerability and asset discovery. In particular, the log correlation engine may receive various logs that contain events describing observed network activity and discover a network vulnerability in response to the logs containing at least one event that matches a regular expression in at least one correlation rule associated with the log correlation engine that indicates a vulnerability. The log correlation engine may then obtain information about the indicated vulnerability from at least one data source cross-referenced in the correlation rule and generate a report that the indicated vulnerability was discovered in the network, wherein the report may include the information about the indicated vulnerability obtained from the at least one data source cross-referenced in the correlation rule.
Publication number: US2014283083A1 | Search similar patents
Vulnerability and remediation database
A security information management system is described, wherein client-side devices preferably collect and monitor information describing the operating system, software, and patches installed on the device(s), as well as configuration thereof. A database of this information is maintained, along with data describing vulnerabilities of available software and associated remediation techniques available for it. The remediation techniques in the database include some that apply software patches, some that change the device's policy settings, and some that change one of the device's configuration files or registry.
Publication number: US2005005159A1 | Search similar patents