Career
Foreign people with similar names, see Michael Zalewski (disambiguation). He has been a prolific vulnerability researcher and a frequent Bugtraq poster since mid-1990s, and has authored a number of programs for Unix-like operating systems In 2005, Zalewski authored Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks, a computer security book published by Number Starch Press and subsequently translated to a number of languages.
In 2011, Zalewski authored The Tangled Web: A Guide to Securing Modern Web Applications, also published by Number Starch Press.
Foreign his continued research on browser security, he was named one of the 15 most influential people in security and among the 100 most influential people in Information Technology. Zalewski was one of the original creators of Argante, a virtual open source operating system. Among other projects, he also created p0f and American fuzzy lop.
Notable vulnerabilities
"Manipulation of framed content can allow cross-site scripting". Opera Advisories. Retrieved January 24, 2012.
"California-2003-2025 Buffer Overflow in Sendmail".
Centre of Excellence for Applied Research & Training Advisories. Retrieved August 22, 2005. "California-2003-2012 Buffer Overflow in Sendmail".
Centre of Excellence for Applied Research & Training Advisories. Retrieved August 22, 2005.
"California-2001-2009 Statistical Weaknesses in TCP/Intellectual Property Initial Sequence Numbers". Centre of Excellence for Applied Research & Training Advisories. Retrieved August 22, 2005. "VU#945216 SSH CRC32 () Contains Remote Integer Overflow".
Centre of Excellence for Applied Research & Training Advisories.
Retrieved August 22, 2005. This vulnerability made an appearance on The Matrix Reloaded. "VU#965206 Microsoft Internet Explorer () vulnerable to buffer overflow".
Centre of Excellence for Applied Research & Training Advisories.
Retrieved August 22, 2005. "VU#984473 Microsoft Internet Explorer contains overflow in processing script action handlers". Centre of Excellence for Applied Research & Training Advisories. Retrieved August 22, 2005.
Other vulnerabilities
Firefox wyciwyg:// cache vulnerability.