Software Bug Reporting

Software Bug Reporting

Closed - This job posting has been filled.

Job Description

I need a security researcher to find NEW bugs in common popular software. If you find a bug, case details should be as technical as possible and ideally include proof-of-concept code to trigger the issue. Insights into additional attack vectors are valued as we aim to create robust vulnerability protection filters.

$5 for the first security flaw submitted
If successful, we can renegotiate for the next submission.

ANSWER THESE QUESTIONS WITH THE BUG SUBMISSION PLEASE!

1. Is the affected product widely deployed?

2. Can exploiting the flaw lead to a server or client compromise AND At what privilege level?

3. Is the flaw exposed in default configurations/installations?

4. Are the affected products high value (e.g. databases, e-commerce servers, DNS, routers, firewalls)?

5. Does the attacker need to social engineer his victim? (e.g. clicking a link, visiting a site, connecting to a server, etc.)

• The vulnerability must be remotely exploitable. Aside from server-side vulnerabilities we will also accept code execution vulnerabilities in e-mail and web clients and file format parsing vulnerabilities in commonly exchanged and trusted files.

$5 for the security flaw submitted

---
Skills: security-testing, ethical-hacking, test, routers