Vulnerability Development mailing list archives
RE: Buffer UNDERFLOWS: What do you know about it?
From: OUAH <supermouette () bluewin ch>
Date: Mon, 12 Jan 2004 03:30:34 +0100
hi,
I've been thinking about it for few days, Googling, looking for
papers, articles
or whatever over the internet, but there is scant material about it. So I decided ask what you guys know about it?
there was a famous bug in Apache in the beginning-middle of 2002 (known as apach chunked vuln) discovered by ISS and successfully exploited by GOBBLES. If it was strictly speaking a classical heap overflow ("overrrun"), the way GOBBLES exploited it in openbsd systems is like a buffer "underrun". (With the heap overflow, they can controled the last argument of a memcpy() call. And by rending this argument negative in openbsd , memcpy() copy in the backward direction.) my 2 cents about buffer underruns.. -------- OUAH
Current thread:
- Buffer UNDERFLOWS: What do you know about it? Julio e2fsck Cesar (Jan 10)
- <Possible follow-ups>
- RE: Buffer UNDERFLOWS: What do you know about it? OUAH (Jan 13)
- RE: Buffer UNDERFLOWS: What do you know about it? Chris Anley (Jan 14)