Tag: Sun

  • Dr. Jekyll and Mr. Hide (Sun & Disclosure)

    [This was originally published on the OSVDB blog.] Today just happened to be the right day where I saw the Jekyll and “Hide” of Sun though. A few days ago, |)ruid posted about a Solaris ypupdated vulnerability in which he says it corresponds to CVE-1999-0208 / OSVDB 11517. Given the original vulnerability was published in […]

  • The Purpose of Tracking Numbers.. (Sun)

    [This was originally published on the OSVDB blog.] Early in 2006, I posted about HP using multiple identifiers for the same vulnerability. Recently, Sun Microsystems has done a little overhaul to their advisory pages and I noticed that they too now use entirely too many tracking numbers. For example, this Sun advisory has the following: […]

  • Full Disclosure – Effective or Excuse?

    [This was originally published on attrition.org.] A comprehensive look at the practice of Full Disclosure, problems associated with it for vendors and security companies, and examples of full disclosure put to the test. (3300 words) The world of computer security has developed a wicked game of politically correct ‘cat and mouse’. This game is played […]