Dailydave mailing list archives
Re: Question to the memory corruption historians
From: Michal Zalewski <lcamtuf () coredump cx>
Date: Sun, 30 Oct 2011 23:08:53 -0700
> Was it Jonathan Afek with his BlackHat 2007 talk or is there any prior work known?

Duuuude...

I can't provide you with any specific "first" reference, and there very well may be none (because the idea isn't particularly groundbreaking, and because back in the late 90s and early 2000s, people weren't typically making a big deal out of describing a new exploitation method)....

...but a quick search of BUGTRAQ archives, Phrack, etc, easily yields discussions of advanced exploitation of use-after-free, double-free, and many other pointer management bugs (all of which are so closely related that it probably makes no sense to differentiate):

http://www.phrack.org/issues.html?issue=57&id=9#article (2001)
http://www.phrack.org/issues.html?issue=61&id=6#article (2003)

In fact, my memory is a bit rusty, but I would not be surprised if the first exploit dates back to 1999 or so.

/mz