Security Incidents mailing list archives

Re: Stack Execution

From: "Kurt Seifried" <bugtraq () seifried org>
Date: Fri, 15 Feb 2002 14:03:14 -0700

If I disable stack execution in Solaris 6 and 8, am I still vulnerable to

the SNMP vulnerability.  Cert makes a comment to this but it isn't clear.
Either it stops stack smashing or it doesn't.  Any information would be
appreciated.


Thank you in advance,

Charles


It stops some stack smashing, but not all. In Linux for example even with
Solar Designer's OpenWall kernel patch, ImmunixOS addons and the like it's
still possible to smash the stack.

It's like any security, you'll be a bit more secure, but never 100%.

Kurt Seifried, kurt () seifried org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/
http://www.idefense.com/digest.html


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

Stack Execution Hornat, Charles (Feb 15)
- Re: Stack Execution Kurt Seifried (Feb 15)
  - Re: Stack Execution Eric Brandwine (Feb 15)