The Qualys Research team won two Pwnie Awards today at Black Hat USA 2021 for discovering and responsibly disclosing these new vulnerabilities: Best Privilege Escalation Bug and Most Under-Hyped Research.
The Qualys Research team received these awards:
Best Privilege Escalation Bug
A heap-based buffer overflow vulnerability was discovered in Sudo and is exploitable by any local user (normal users and system users, sudoers and non-sudoers), without authentication (i.e., the attacker does not need to know the user’s password). Read more
Most Under-Hyped Research
Multiple critical vulnerabilities were discovered in the Exim mail server, some of which can be chained together to obtain full remote unauthenticated code execution and gain root privileges. Read more
About Pwnie Awards
The Pwnie Awards are an annual recognition celebrating the achievements of security researchers and the security community. Nominations are taken from the security community at large, and a panel of respected security researchers reviewed the Active Nominations and announced winners in each category at Black Hat USA 2021 on August 4, 2021 at 5:30pm PT.
Qualys is honored for the second time in a row after being nominated for five Pwnie Awards in 2020.
Join Our Research Team
The Qualys Research team engages in innovative vulnerability research and has multiple open positions within our vulnerability research team. If you are a security researcher looking for new opportunities, we invite you to apply for our open research and engineering positions worldwide.