Bugtraq mailing list archives
Re: Buffer overflow and OS/390
From: marc () SUSE DE (Marc Heuse)
Date: Sat, 6 Feb 1999 16:53:33 +0100
Hi,
When I was thinking about the OS/390 and its open TCP/IP services, this came to my mind that the conceptual resemblance between MVS and UNIX may lead to some successful buffer overflow attack in OS/390. Now open MVS comes with TCP/IP services that are running as Started Tasks which seem to be just like suid demons. TSO session creates its own address space which seems like a memory space for UNIX shell environment. If a normal user can create a shell code for the jump to the TSO command line of a SPECIAL user, I think that buffer overflow may not be impossible.
well, you can't mess with code space as normal users (if i remember correctly). buffer overflows are of course possible, but you can't use them to do stack smashing attacks because the code and data segments are seperated.
Even C compiler is available for the ESA. Well, if someone finds vulnerable programs, this may lead to successful attack on the environment.
well, back in an old job I did a security review of the OpenEdition segment and found some security vulnerabilities (which should be fixed in the current release - it was a hard fight until they promised that). i think there are still my vulnerabilities left still to be found for the brave searcher ;-) Greets, Marc -- Marc Heuse, S.u.S.E. GmbH, Schanzaeckerstr. 10, 90443 Nuernberg E@mail: marc () suse de Function: Security Support & Auditing issue a "finger marc () suse de | pgp -fka" for my public pgp key
Current thread:
- Re: Buffer overflow and OS/390 Crispin Cowan (Feb 04)
- <Possible follow-ups>
- Re: Buffer overflow and OS/390 Olaf Seibert (Feb 05)
- Re: Buffer overflow and OS/390 Marc Heuse (Feb 06)
- Re: Buffer overflow and OS/390 Nick Maclaren (Feb 08)
- Re: Buffer overflow and OS/390 Do-Geun Jo (Feb 08)