Ver:
Un tipo de software, un fragmento de datos, o una secuencia de comandos que aprovecha un fallo o una vulnerabilidad en el sistema de un usuario para provocar un comportamiento no deseado o imprevisto. Las acciones que se suelen realizar la violenta toma de control de un sistema, una escalada de privilegios o un ataque de denegación de servicio.
http://www.inteco.es/glossary/Formacion/Glosario/
Código malicioso escrito con vistas a utilizar un error del sistema y poder así tomar control de la máquina. [CCN-STIC-435:2006]
Exploit kits are
ready-to-use software packages that automate cybercrime. They use mostly
drive-by download attacks whose malicious code is injected in compromised
websites. These attacks exploit multiple vulnerabilities in browsers and
browser plug-ins26. Moreover, exploit kits use a plethora of channels to
deliver malware and infect unsuspected web users. An important characteristic
of exploit kits is their ease of use (usually through a web interface) allowing
people without technical knowledge to purchase and easily use them.
ENISA Threat Landscape [Deliverable 2012-09-28]
An exploit is a
technique or software code (often in the form of scripts) that takes advantage
of a vulnerability or security weakness in a piece of target software.
https://buildsecurityin.us-cert.gov/daisy/bsi/articles/knowledge/attack/590-BSI.html
A program or
technique that takes advantage of a vulnerability in software and that can be
used for breaking security, or otherwise attacking a host over the network.
http://www.symantec.com/avcenter/refa.html
Code that takes
advantage of a vulnerability to gain access to data and control over a system.
https://www.nsslabs.com/reports/threat-definitions
Temas relacionados