NSS Labs’ announced today that their penetration-testing site, Exploithub, will be offering bounties to researchers for developing exploits for12 high-value vulnerabilities.
Exploithub is putting up $4,400 for working exploits against what the company describes as a “dirty dozen” of client-side vulnerabilities. And, in what may be a first in the vulnerability research field, the company is offering the authors the chance to earn residual payments for subsequent use of the vulnerabilities.
Launched in October of 2010, Exploithub is described as an “iTunes for exploits” – an easy to use market for penetration testers and IT staff to obtain high quality exploits to use against software they are evaluating.
But every iTunes needs its music, so NSS has opted to put money on the table to attract talented vulnerability researchers and prime the pump. NSS has identified 12 known vulnerabilities by their Common Vulnerabitiles and Exposures (CVE) numbers. They are: CVE-2011-1256, CVE-2011-1266, CVE-2011-1261, CVE-2011-1262, CVE-2011-1963, CVE-2011-1964, CVE-2011-0094, CVE-2011-0038, CVE-2011-0035, CVE-2010-3346, CVE-2011-2110, and CVE-2011-0628. Each exploit will be worth somewhere between $100 and $500. Ten of the eligible vulnerabilities are in Microsoft’s Internet Explorer browser, with the remaining two being in Adobe Flash.
Submitted bounty candidates must be client-side remote exploits resulting in code execution, PoC and denial of service does not count, and the exploits under the bounty program cannot currently be available in the Metasploit framework community or other exploit toolkits. The first participant to submit a working exploit wins.
“Client-side exploits are the weapons of choice for modern attacks, including spear phishing and so-called APTs. Security professionals need to catch up,” said Rick Moy, NSS Labs CEO in a statement. “This program is designed to accelerate the development of testing tools, as well as help researchers do well by doing good.”