secgeeks's blog

Find Security Tools on

Hi All,

I have been monitoring various security related forums, mailing list and twitter accounts and i come across lot of tools which can be useful in day to day analysis. so i have created a page on which will list out all such tools here:
I will keep it updated. if you like to add any tool please contact me at

if you want an account on this site then also contact me.

Security Interview Questions - Part I

I have compiled a list of security interview questions. They are like standard in most of the interviews today. you can easily find solutions for them online by using google.
Generally a security interview consists of various stuff like networking, Operating system internals, Exploit techniques, Bypass and prevention techniques etc.This is a not a full list and i will keep posting more posts regarding this. I will also list some reference material which you can use for studying.

Analyzing CVE-2012-6075 qemu: e1000 driver buffer overflow when processing large packets when SBP and LPE flags are disabled

This is an interesting bug in qemu, although since its in a emulation software, it is not that critical in production environment[as far as i know, things might be different].

the cve entry for this bug says following:

“Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.”