TippingPoint Digital Vaccine Laboratories

Aaron Portnoy

Aaron Portnoy's Image

Security Researcher


Aaron Portnoy is a researcher within TippingPoint's security research group. His responsibilities include reverse engineering, vulnerability discovery, and tool development. Aaron has discovered critical vulnerabilities affecting a wide range of enterprise vendors including: Microsoft, Adobe, RSA, Citrix, Symantec, Hewlett-Packard, IBM and others.

Additionally, Aaron has presented original research at conferences such as BlackHat US, BlackHat Japan, Microsoft's BlueHat, and Toorcon, among others. He has contributed mind share and code to OpenRCE, PaiMei, Sulley, PyMSRPC, as well as various white papers and books.

Published Advisories:
  • TPTI-09-01: VMWare VMnc Codec Invalid RFB Message Type Heap Overflow Vulnerability
  • TPTI-09-02: VMWare VMnc Codec Open-DML Standard Index dwSize Heap Overflow Vulnerability
  • TPTI-08-08: Microsoft Office RTF \dpendgroup Control Word Buffer Overflow Vulnerability
  • TPTI-08-09: Microsoft Office RTF \stylesheet Control Word Buffer Overflow Vulnerability
  • TPTI-08-07: Microsoft Windows Message Queuing Service Memory Corruption Vulnerability
  • TPTI-08-06: Landesk QIP Server Service Heal Packet Buffer Overflow Vulnerability
  • TPTI-08-04: Microsoft Office Jet Database Engine Column Parsing Stack Overflow Vulnerability
  • TPTI-07-21: Adobe Flash Player JPG Processing Heap Overflow Vulnerability
  • TPTI-07-18: EMC RepliStor Server Heap Overflow Vulnerability
  • TPTI-07-17: CA BrightStor Hierarchical Storage Manager SQL Injection Vulnerabilities
  • TPTI-07-16: CA BrightStor Hierarchical Storage Manager Buffer Overflow Vulnerabilities
  • TPTI-07-14: HP OpenView Multiple Product Shared Trace Service Stack Overflow Vulnerabilities
  • TPTI-07-12: Multiple Vendor Progress Server Heap Overflow Vulnerability
  • TPTI-07-08: Symantec Veritas Storage Foundation Scheduler Service Authentication Bypass Vulnerability
  • TPTI-07-05: IBM Tivoli Provisioning Manager for OS Deployment Multiple Stack Overflow Vulnerabilities
  • TPTI-07-04: LANDesk Management Suite Alert Service Stack Overflow Vulnerability
  • TPTI-06-15: Citrix Presentation Server Client ActiveX Heap Overflow Vulnerability
    • Upcoming Advisories:
  • Hewlett-Packard (726 days since report)
    • Appearances:
  • Reversing Microsoft DirectShow and 3rd Party Codecs
    2009-06-22 You Sh0t The Sheriff
  • Exploiting Online Games
    2009-04-23 RSA Conference 2009
  • Reverse Engineering Dynamic Language Multiplayer Online Games
    2008-10-01 BA-Con Applied Security Conference
  • Reverse Engineering Python Applications
    2008-07-28 USENIX WOOT
  • Reverse Engineering Dynamic Languages, a Focus on Python
    2008-06-13 REcon
  • Reverse Engineering Cookbook
    2008-04-19 Toorcon Seattle
  • RPC Auditing Tools and Techniques
    2007-11-22 DeepSec In-Depth Security Conference
  • Advanced Fuzzing with Sulley
    2007-10-25 BlackHat Japan
  • Fuzzing Sucks!
    2007-09-27 Microsoft BlueHat
  • Fuzzing Sucks!
    2007-08-02 BlackHat US
  • RPC Auditing Tools and Techniques
    2007-05-12 Toorcon Seattle
    • Blog Entries
  • Exploiting MS Advisory 971778 - QuickTime DirectShow Vulnerability
    created 2009-06-30 (3 comments, 708 views)
  • Using PyMSRPC to Trigger MS08-067
    created 2008-11-06 (2 comments, 3105 views)
  • BA-Con and Ekoparty 2008
    created 2008-10-09 (0 comments, 1657 views)
  • Hacking the Pirates of the Caribbean Online MMORPG
    created 2008-06-23 (54 comments, 19096 views)
  • First Annual DeepSec Security Conference
    created 2007-11-24 (0 comments, 3010 views)
  • Sulley vs. HP OpenView
    created 2007-08-24 (2 comments, 4670 views)