Vulnerability Development mailing list archives

RE: cobol language vulnerabilities


From: Michael Iseyemi <MIseyemi () Minacs com>
Date: Fri, 23 Apr 2004 15:57:48 -0400

Kevin,

I am a Security professional with Cobol experience and will be glad to lend
assistance in this regard.

Thanks,
Michael

-----Original Message-----
From: Kevin Partridge [mailto:kgp () nethere com]
Sent: Thursday, April 22, 2004 9:03 PM
To: vuln-dev () securityfocus com
Subject: cobol language vulnerabilities


Hello all.

I'm wondering if anyone might be able to point me in the right
direction. I'm doing a paper on language issues in secure coding. A lot
has been written covering C/C++. And java gets good coverage for its
sandboxing. Almost no coverage of other languages exists out there. I've
found some good information on Ada (totally by accident). But I'd like
to know where I could start with Cobol. I've already gotten the
standard.

I plan to try and implement some exploitable C code via Cobol. To make
educated choices on what exploits to try I need to know a lot more about
Cobol. I have no experience in the language but I do have some
knowledgeable veterans at my disposal for coding assistance. They are
not security gurus, however.

Any direction would be greatly appreciated.

Thanks.

Kevin


Current thread: