Re: Linux Buffer Overflow Security Exploits

H. Peter Anvin (hpa@transmeta.com)
17 Mar 1999 17:36:37 GMT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: David Morgan: "Kernel Opps in 2.2.3"
Previous message: H. Peter Anvin: "Re: DES module in kernel?"

Followup to: <7cobid$lsq$1@smurf.noris.de>
By author: smurf@noris.de (Matthias Urlichs)
In newsgroup: linux.dev.kernel
>
> R.E.Wolff@BitWizard.nl (Rogier Wolff) writes:
> > is a bit more comfortable than writing a program that continually
> > tries to pass illegal arguments to system calls, because when you
> > succeeed, you will crash your machine many times before you have
> > an "exploit".
> >
> Umm, if you crash your machine by passing illegal values to syscalls then
> you _have_ found an exploit.
>
> It may one that can only be used to crash the machine, but so what?
>

This is, of course, assuming you're not running with capabilities
(usually meaning root.)

-hpa

-- "The user's computer downloads the ActiveX code and simulates a 'Blue Screen' crash, a generally benign event most users are familiar with and that would not necessarily arouse suspicions." -- Security exploit description on http://www.zks.net/p3/how.aspb

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: David Morgan: "Kernel Opps in 2.2.3"
Previous message: H. Peter Anvin: "Re: DES module in kernel?"