Here are a few vulnerabilities (including pending ones) whose discovery was contributed by Julien Tinnes. Unfortunately, a few very critical ones are not listed here because related vendors have not been convinced of the benefits of full disclosure. There are also a few pending vulnerabilities, some vendors are really slow.
CVE-2008-4441 | May. 2008 | Marvell Driver Malformed Association Request Vulnerability | Discovered by Laurent Butti and Julien Tinnes | No exploit disclosed |
CVE-2008-1197 | Feb. 2008 | Marvell Driver Null SSID Association Request Vulnerability (affectc at least some Netgear products) | Discovered by Laurent Butti and Julien Tinnes | No exploit disclosed |
CVE-2008-1144 | Nov. 2007 | Marvell Driver EAPoL-Key Length Overflow (affects at least some Netgear products) | Discovered by Laurent Butti and Julien Tinnes | No exploit disclosed |
CVE-2007-5474 | Oct. 2007 | Atheros Vendor Specific Information Element Overflow (affects at least some Linksys products) | Discovered by Laurent Butti and Julien Tinnes | No exploit disclosed |
CVE-2007-5475 | Oct. 2007 | To be disclosed remote vulnerability (vaiting for vendor) | Discovered by Laurent Butti and Julien Tinnes | No exploit disclosed |
CVE-2007-5651 | Jul. 2007 | Cisco products EAP denial of service vulnerability | Discovered by Benoit Stopin, Laurent Butti, Franck Veysset and Julien Tinnes | No exploit disclosed |
CVE-2006-6332 | Nov. 2006 | MadWifi buffer overflow vulnerability | Discovered by Jerome Razniewski, Laurent Butti and Julien Tinnes | Remote Linux kernel exploit published in Metasploit |
CVE-2008-1143 | Sep. 2006 | To be disclosed client-side remote vulnerability (vaiting for vendor) | Discovered by Julien Tinnes | No exploited disclosed |
CVE-2006-0228 | Jan. 2006 | Grsecurity RBAC admin role dropping security issue | Discovered by Julien Tinnes | No exploited disclosed |
OpenBSD W^X | Jan. 2006 | OpenBSD W^X limitation (not really a vulnerability) making it useless in most cases of stack buffer overflows | Discovered by Julien Tinnes | PoC disclosed |
CVE-2006-2183 | Dec. 2005 | Truecrypt local privilege escalation vulnerability | Discovered by Julien Tinnes | Exploit disclosed |