During a recent assessment of a voice application we found a very intriguing vulnerability that, besides being a lot of fun to exploit, demonstrates how the complexity of modern applications,…
During my recent audit of Oracle Solaris, undertaken as a weekend project, I inevitably had to review the Common Desktop Environment shipped with Solaris 10. CDE has a huge attack…
A low impact information disclosure vulnerability in the setuid root xlock binary distributed with Solaris may allow local users to read partial contents of sensitive files. Due to the fact…