Dailydave mailing list archives

Re: Question to the memory corruption historians


From: Michal Zalewski <lcamtuf () coredump cx>
Date: Sun, 30 Oct 2011 23:08:53 -0700

Was it Jonathan Afek with his BlackHat 2007 talk or is there any prior work known?

Duuuude...

I can't provide you with any specific "first" reference, and there
very well may be none (because the idea isn't particularly
groundbreaking, and because back in the late 90s and early 2000s,
people weren't typically making a big deal out of describing a new
exploitation method)....

...but a quick search of BUGTRAQ archives, Phrack, etc., easily yields
discussions of advanced exploitation of use-after-free, double-free,
and many other pointer management bugs (all of which are so closely
related that it probably makes no sense to differentiate):

http://www.phrack.org/issues.html?issue=57&id=9#article (2001)
http://www.phrack.org/issues.html?issue=61&id=6#article (2003)

In fact, my memory is a bit rusty, but I would not be surprised if the
first exploit dates back to 1999 or so.

/mz
_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave