»I mostly post on G+ now. …»

»I ran across a denial of service condition in OS X Leopard's CoreGraphics framework (under the ApplicationServices framework) which was reachable remotely via Safari and Firefox …»

»Late 2008, I reported CVE-2009-2468 to Apple when I reported oCERT-2009-001/CVE-2009-1194 to Mozilla. …»

»In April, I ran across a nice bug in iTunes URL parsing which is accessible automatically from Safari. …»

»patient0 is a toolkit for creating system-wide, run-time process infection with the purpose of exploring OS X's trust model. …»

»regfuzz is a barebones regular expression fuzzer which has found numerous vulnerabilities across many regular expression engines. …»

»Recently, the xine-team requested that someone from oCERT review a few patches to xine. I performed that review and a light security code review of other sections. The details of oCERT-2008-008 follow . . . …»

»Update: Version 0.3.1 of safe_iop is now available. …»

»Multiple vulnerabilities in Ogg Tremor and Vorbis …»

»On Monday, I presented Flayer: Exposing Application Internals at the First USENIX Workshop on Offensive Technologies (WOOT'07). …»

»An out of bounds memcpy() and integer underflow in Asterisk 1.4.x. …»

»An integer overflow in OpenSER's TCP connection handling code allows for a NUL byte to be written to an attacker controlled location in a 2Gb range of the attacked pointer. …»

»Numerous security related bugs in SQLite affecting most versions before 3.4.0. …»

»This my crack at a (quick!) safe integer library for C. …»

»I was recently looking for reverse engineering tools for Linux. …»

»I've been looking for a useful tool to aid note taking, but that I could also keep on a USB stick safely. …»

»Ruby/ActiveLdap is a project I started when I first found Ruby. I'd been tortured by poor LDAP tool suites and LDAP's increasing ubiquity. RAL provides …»

»Multiple vulnerabilities have been discovered in cscope that allow for the execution of arbitrary code. …»

»Multiple vulnerabilities have been discovered in the GNU debugger that allow for the execution of arbitrary code. …»

»I used to spend a lot of time writing helpful tools for myself in Ruby. I haven't done much in a while. I've dumped the old skeletons of work …»

»A while back I sent a patch upstream to tcpdump wh ich adds support for timed rotation of saved packet data files …»

»Ruby/ActiveLdap parses LDAP schemas provided by the server in order to …»

»An old stab at a POSIX-compatible, user-level threading library. …»

This page does not necessarily reflect the views of my employer or anyone I'm associated with.