[Full-disclosure] PGMfuzz - a tool for testing Pragmatic General Multicast protocol implementations
IRM Research
research at irmplc.com
Tue Dec 11 18:01:17 GMT 2007
PGM is a reliable multicast transport protocol developed by a group of vendors including Cisco and TIBCO and described in RFC3208. The protocol is used in various messaging and middleware products, including TIBCO's Rendezvous and SmartPGM FX.
IRM have discovered a range of PGM related vulnerabilities in TIBCO products (http://www.irmplc.com/index.php/111-Vendor-Alerts---0days#TIBCO) and as part of the research developed a tool, PGMfuzz for identifying vulnerabilities in PGM option parsing implementations.
The tool can be downloaded here:
http://www.irmplc.com/index.php/158-Messaging-Systems-Security
Full-Disclosure is hosted and sponsored by Secunia.