Vulnerability Development mailing list archives

Re: Blind Remote Buffer Overflow


From: 11a () GMX NET (Bluefish)
Date: Wed, 3 May 2000 21:44:11 +0200


I disagree with this attitude. If it can be verified / proven that e.g.
buffer overflows can be researched (and exploited as well) without access
to binaries, there's one more proven vulnerability in the obscurity
approach to security.

It should be utterly important as well whether administrators of such a
system could be alarmed or not.

With most systems it's possible to get a local copy of a system (demos,
buying, etc). But this is not the case for all systems. Some systems only
exist in one single installation (example: most webservers have different
threat scenarios due to how their CGIs etc. work). Some public "hacker"
contests by companies which should "prove" the security of their products
are only for extremely rare systems, which rules out local analysis for
several people.

(same is true for my laboration in my Computer Security course btw...
the software is overflowable but it's easier to use the 'intentional'
vulnerability in the laboration server. Wonder if I get extra points if I
actually could provide a buffer overflow against the server? ;)

The issue of admin suspicion should never come into this - anyone who
values their freedom will conduct their vulnerability research on their
local machines, or with explicit authorization from the remote admin.  The
vuln-dev phase is definitely not the right time to play sneaky/clever games
over a network, regardless of one's intention.

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team

