Qualys Research Wins Two 2021 Pwnie Awards

Animesh Jain

The Qualys Research team won two Pwnie Awards today at Black Hat USA 2021 for discovering and responsibly disclosing these new vulnerabilities: Best Privilege Escalation Bug and Most Under-Hyped Research.

The Qualys Research team received these awards:

Best Privilege Escalation Bug

Heap-based buffer overflow in Sudo! (Baron Samedit)

A heap-based buffer overflow vulnerability was discovered in Sudo and is exploitable by any local user (normal users and system users, sudoers and non-sudoers), without authentication (i.e., the attacker does not need to know the user’s password). Read more

Most Under-Hyped Research

21 Nails

Multiple critical vulnerabilities were discovered in the Exim mail server, some of which can be chained together to obtain full remote unauthenticated code execution and gain root privileges. Read more

About Pwnie Awards

The Pwnie Awards are an annual recognition celebrating the achievements of security researchers and the security community. Nominations are taken from the security community at large, and a panel of respected security researchers reviewed the Active Nominations and announced winners in each category at Black Hat USA 2021 on August 4, 2021 at 5:30pm PT.

Qualys is honored for the second time in a row after being nominated for five Pwnie Awards in 2020.

Join Our Research Team

The Qualys Research team engages in innovative vulnerability research and has multiple open positions within our vulnerability research team. If you are a security researcher looking for new opportunities, we invite you to apply for our open research and engineering positions worldwide.

Share your Comments

Comments

Your email address will not be published.