Simple Source Auditing Tools Roy INSA

Outline FLAWFINDER RATS

Environment Operating System Linux Requite Computers One Computer

Environment CERT ® Advisory CA Two Input Validation Problems In FTPD Systems Affected:Any system running wu-ftpd or earlier “ ftp daemon may be tricked into executing arbitrary code as root “ tar.gz

Flawfinder Check C and C++ programming vulnerability LowHigh

RATS C,C++ Perl PHP Python XML parser library Install expat Compiler rats

Summery Programmer Timing Lazy Convenient