It pays to get 0day remote root exploits for vulnerabilities! Digital Armaments Inc. – an IT security company based in the US – launched a hacking challenge on the 1st of November on the topic of “Remote Kernel Exploitation” . The challenge will end on the 31st of December and prizes will be given to the authors of the official advisory reporting the identified vulnerabilities which must result to remote code execution. The winning advisory will be then sold in an auction.

Although the official rules of the challenge forbid the disclosure of any vulnerability related information before the end of the challenge, according to the organizers, news information about important vulnerabilities that worth the early attention of the IT community should be made known before public disclosure of the related exploits.

When I visited their website, their latest news read that “EXCLUSIVE Linux Kernel 2.6.x unpatched remote exploit is available at auction to the Platinum Subscription”. The fee for the Platinum Subscription is 80,000 $ for a year!

My question is: Is the vulnerability so important or the early news about it are for the promotional purposes of the company?

I believe is quite obvious that the early news about this vulnerability, were publicized in order to get more people interested in subscribing to their – in my opinion – very very expensive services… Let’s see what will happen after the 31st of December!

Rumors say that the vulnerability affects the Linux Kernel IPv4 and IPv6.

Trackback This Post | Subscribe to the comments through RSS Feed