Re: partial analysis of vulndev-1.c
----- Original Message -----
> From: "David R. Piegdon" <fleshyCPU@gmx.net>
> [...]
Just because Linux may allocate the memory on the heap doesn't mean it can't
be overflowed. This is a common misconception that bites a lot of us.
(Chances are you already know this)
You could muck with it and trick the free into overwriting arbitrary memory
locations with exploit data. There is a pretty good paper on this over at:
http://www.w00w00.org/files/articles/heaptut.txt. Although heap overflows
are much harder to predict and architect, it is still quite possible. I
wouldn't count on the fact Linux uses the heap as a saving grace against an
attack like this.
---
Regards,
Dana M. Epp
Received on Tue May 13 18:42:23 2003
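The point in the message above, that a heap overflow can trick free() into overwriting other memory, shown as an added example that is not part of the original message. It is a toy model of a doubly linked free list, not any real allocator's layout, set beside the neighbour check that detects the corruption; the struct names, `simulate`, and the overflow data are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Toy free-chunk header on a doubly linked free list (simplified model). */
struct chunk { size_t size; struct chunk *fd, *bk; };

/* A user buffer sitting directly in front of the next chunk's header. */
struct arena { char buf[16]; struct chunk next; };

/* Classic unlink: both stores use pointers read from the chunk header. */
static void unlink_unchecked(struct chunk *p) {
    p->fd->bk = p->bk;
    p->bk->fd = p->fd;
}

/* Hardened unlink: refuse unless both neighbours point back at p. */
static int unlink_checked(struct chunk *p) {
    if (p->fd->bk != p || p->bk->fd != p)
        return -1;                      /* corrupted list detected */
    unlink_unchecked(p);
    return 0;
}

/* Returns 1 if memory outside the free list was modified, 0 otherwise. */
static int simulate(int hardened) {
    struct chunk head = {0, NULL, NULL}, tail = {0, NULL, NULL};
    struct chunk out1 = {0, NULL, NULL}, out2 = {0, NULL, NULL}; /* unrelated memory */
    struct arena a;
    struct chunk forged = {32, &out1, &out2};   /* constructed overflow data */
    unsigned char input[sizeof a];
    /* Legitimate list: head <-> a.next <-> tail */
    a.next.size = 32; a.next.fd = &tail; a.next.bk = &head;
    head.fd = &a.next; tail.bk = &a.next;

    /* The bug: the copy length is not bounded by sizeof a.buf. */
    memset(input, 'A', sizeof input);
    memcpy(input + offsetof(struct arena, next), &forged, sizeof forged);
    memcpy(&a, input, sizeof input);
    if (hardened) unlink_checked(&a.next);
    else unlink_unchecked(&a.next);
    return out1.bk != NULL || out2.fd != NULL;
}

int main(void) {
    printf("unchecked: outside write = %d\n", simulate(0));
    printf("checked:   outside write = %d\n", simulate(1));
    return 0;
}
```

In the unchecked run the two stores land in `out1` and `out2`, which were never on the list; the checked variant rejects the forged header because neither neighbour points back at the chunk.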