Full Disclosure mailing list archives
Re: Coming soon: CPU fix for buffer overflows
From: hybriz <hybriz () rego-security com>
Date: Mon, 23 Feb 2004 20:28:25 +0000
first of all, despite of what that news website says, that is old news. second, it's just a page execution bit implementation like other archs have, it doesnt mean that buffer overflows can will be avoided, it just means non-exec stack can be subject of a page-wise implementation (not that it hasnt been done on IA-32, has the PAX hack shows, though with HUGE performance kill). third, return-into-libc and heap overflows still exist. forth, win2k source code leak had nothing to do with buffer overflows in m$ software. fifth, critical windows source code wasnt leaked, have u seen the tarball? it only has IE/MSHTML crap and pointless API code, other leaks have proven much more interesting. fifth, thank you for that buffer definition, surely most of this list's subscribers didnt know what a buffer was. sixth, I love your contributions to this list, they're always so funny that I just had to say something this time. regards, hybriz -- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Coming soon: CPU fix for buffer overflows Richard M. Smith (Feb 23)
- Re: Coming soon: CPU fix for buffer overflows Ralf Ertzinger (Feb 23)
- Re: Coming soon: CPU fix for buffer overflows William Warren (Feb 23)
- <Possible follow-ups>
- Re: Coming soon: CPU fix for buffer overflows hybriz (Feb 23)
- RE: Coming soon: CPU fix for buffer overflows hybriz (Feb 23)
- RE: Coming soon: CPU fix for buffer overflows Mike Barushok (Feb 23)
- RE: Coming soon: CPU fix for buffer overflows Michael Williamson (Feb 24)
- RE: Coming soon: CPU fix for buffer overflows Mike Barushok (Feb 23)
- Re: Coming soon: CPU fix for buffer overflows Helmut Hauser (Feb 24)
- Re: Re: Coming soon: CPU fix for buffer overflows Jeremiah Cornelius (Feb 24)