During my recent audit of Oracle Solaris, undertaken as a weekend project, I inevitably had to review the Common Desktop Environment shipped with Solaris 10. CDE has a huge attack…
A low impact information disclosure vulnerability in the setuid root xlock binary distributed with Solaris may allow local users to read partial contents of sensitive files. Due to the fact…
As previously mentioned, INFILTRATE left me with the will to hack stuff and enjoy it like it was 1999. That's why I decided to take a closer look at Solaris…
2019 marks 20 years of my professional career in information security. What better way to celebrate this milestone than to give a talk at INFILTRATE? For those who are not…
A buffer overflow in the DtPrinterAction::PrintActionExists() function in the Common Desktop Environment 2.3.0 and earlier, as used in Oracle Solaris 10 1/13 (Update 11) and earlier, allows local users to…
I was investigating another 0day, when I noticed that Solaris 11 is also affected by the recent Xorg local privilege escalation vulnerability (CVE-2018-14665). For a number of reasons, finding a…
