2009 Pwnie Award Winners

Best Client-Side Bug

msvidctl.dll MPEG2TuneRequest Stack buffer overflow (CVE-2008-0015)

Best Privilege Escalation Bug

Linux udev Netlink Message Privilege Escalation (CVE-2009-1185)

Best Server-Side Bug

Linux SCTP FWD Chunk Memory Corruption (CVE-2009-0065)

Best Song

Nice Report

Epic 0wnage

Red Hat Networks Backdoored OpenSSH Packages (CVE-2008-4250)

Lamest Vendor Response

Linux

Lifetime Achievement Award

Solar Designer

Most Epic Fail

Twitter Gets Hacked and the “Cloud Crisis”

Most Innovative Research

From 0 to 0day on Symbian

Most Over-Hyped Bug

MS08-067 Server Service NetpwPathCanonicalize() Stack Overflow (CVE-2008-4250)