Industrial Research in Security
One of my activities is Industry Research in the field of Security. What this means is, that I often examine computer systems with respect to the intended design (as stated) and against the standard of today's user expectation- and I do so both independently and in collaboration with others. The results in this field are the discovery of previously unknown issues, often "vulnerabilities", in a given system. Generally when results are found, they are eventually assigned a "CVE" identifier, among other identifiers, and result in a patch or update being distributed. This page is a reference table of my public results and proven credentials in the field, but it is not a complete reference to my experience. Generally speaking, I've done a handful of studies per year. Only some of them produce results. If instead, you are looking to collaborate in this field in a more academic sense or in the educational or laboratory setting, you can still contact me, and I will consider your question.Announcement Date | CVE Number | Vendor | Product | Other Identifers | Description | PoC | Collaborators |
---|---|---|---|---|---|---|---|
2023 | TBD | ||||||
2008 | |||||||
May 30th 2008 | CVE-2008-2538 | Sun Microsystems | Solaris 8 to 10, and OpenSolaris up to build snv_91 | Sun Alert #237864 | Me: "A vulnerability in crontab may allow hijacking of other user's crontabs." Vendor: "A Security Vulnerability in the Solaris crontab(1) utility may allow execution of Arbitrary Code" | ||
2007 | |||||||
July 27th 2007 | CVE-2007-4070 | Sun Microsystems | Solaris 8 to 10 | Sun Alert #200863 | Vendor: "A Security Vulnerability in lbxproxy(1) may Allow Unauthorized Read Access to Files" | ||
2006 | |||||||
August 23rd 2006 | CVE-2006-4315 | SSH Communications Security (ssh.com) | SSH Tectia Client, Server, and Connector up to 5.0.1, and Manager up to 2.1.2; on Windows | RQ #13895 | Vendor: "SSH Tectia Windows Pathname Parsing Vulnerability" | ||
2005 | |||||||
November 11th 2005 | CVE-2005-4158 | Sudo Project | Sudo up to 1.6.8 p11 | Bugtraq ID 15394 | Vendor: "Sudo Perl Environment Variable Handling Security Bypass Vulnerability" | ||
June 20th 2005 | CVE-2005-1993 | Sudo Project | Sudo 1.3.1 to 1.6.8 p8 | Bugtraq ID 13993 | Vendor: "Race condition in sudo 1.3.1 up to 1.6.8p8, when the ALL pseudo-command is used after a user entry in the sudoers file, allows local users to gain privileges via a symlink attack." |