Bugtraq mailing list archives

RE: remote memory reading through tcp/icmp

From: Michael Wojcik <Michael.Wojcik () microfocus com>
Date: Tue, 22 Jan 2002 14:20:13 -0800

From: David LeBlanc [mailto:dleblanc () mindspring com]
Sent: Sunday, January 20, 2002 6:27 PM

The operating system should be clearing memory belonging to one
process before handing it to another. If its not doing that, then
there's a bigger problem than just this.


Indeed, this is a requirement of Orange Book C2 security (the "Object Reuse"
requirement).  I realize the Rainbow Series is more or less passe, but the
point is this is a long-standing security principle.  

Michael Wojcik
Principal Software Systems Developer, Micro Focus
Department of English, Miami University

Current thread:

remote memory reading through tcp/icmp Andrew Griffiths (Jan 20)
- Re: remote memory reading through tcp/icmp Fyodor (Jan 21)
- RE: remote memory reading through tcp/icmp David LeBlanc (Jan 22)
- Re: remote memory reading through tcp/icmp Casper Dik (Jan 31)
- <Possible follow-ups>
- Re: remote memory reading through tcp/icmp Andi Kleen (Jan 22)
  - Re: remote memory reading through tcp/icmp (linux) Martin Mačok (Jan 22)
- RE: remote memory reading through tcp/icmp Michael Wojcik (Jan 22)