Tag: HP

  • The Black Market Code Industry

    [This was originally published on the OSVDB blog.] Adam Penenberg wrote an article titled “The Black Market Code Industry” for FastCompany in which he details his research of two HP employees that actively sold exploit code in their spare time, at least one selling exploits in HP’s own software. According to the article, HP knew […]

  • The Purpose of Tracking Numbers.. (Sun)

    [This was originally published on the OSVDB blog.] Early in 2006, I posted about HP using multiple identifiers for the same vulnerability. Recently, Sun Microsystems has done a little overhaul to their advisory pages and I noticed that they too now use entirely too many tracking numbers. For example, this Sun advisory has the following: […]

  • The Purpose of Tracking Numbers.. (HP)

    [This was originally published on the OSVDB blog.] In the context of advisories, it’s simple, to help track documents and avoid confusion. Much the same reason a vulnerability database assigns a unique number to an issue. If there is confusion when discussing a vulnerability, you reference the unique ID and ideally, confusion goes away. That […]