Penetration Testing mailing list archives
Re: [PEN-TEST] Crusoe chip.
From: Craig Anderson <craig () XTIME COM>
Date: Mon, 6 Nov 2000 19:37:39 +0000
On Mon, 6 Nov 2000, Ben Ford wrote:
I just had an interesting conversation that sparked an idea. One of the major problems we have regarding security is the fact that the stack on the x86 architecture is executable. Because of that, when we have a buffer overflow, arbitrary code can be executed. My question is this: Because the x86 architecture is only software emulated on the Crusoe chip, could that chip (or the software layer emulating the x86) detect when a buffer overflow was happening and head off any code execution, thereby eliminating the root exploit?
<--( SNIP )--> Helu, Let us not forget that most Heap/BSS are executable as well. It has also been shown ( Tim Newsham, Crispin Cowan, etc.. Bugtraq archive ) that you can utilize the Heap/BSS to bypass stack overflow protection/detection ( i.e. StackGuard ). Anyone know of anyone doing work on this? Heap/BSS overflows are abound, and nothing I know of has been set forth to eliminate them since most of the overflows being written for the public eye are stack-based.. but again I could be completely wrong. Anyone? -- Craig
Current thread:
- [PEN-TEST] Crusoe chip. Ben Ford (Nov 07)
- Re: [PEN-TEST] Crusoe chip. Craig Anderson (Nov 07)
- Re: [PEN-TEST] Crusoe chip. Bennett Todd (Nov 08)
- Re: [PEN-TEST] Crusoe chip. Robert van der Meulen (Nov 08)
- Re: [PEN-TEST] Crusoe chip. Craig Anderson (Nov 08)
- Re: [PEN-TEST] Crusoe chip. Robert van der Meulen (Nov 09)
- Re: [PEN-TEST] Crusoe chip. Craig Anderson (Nov 08)
- Re: [PEN-TEST] Crusoe chip. c0ncept (Nov 22)
- Re: [PEN-TEST] Crusoe chip. Craig Anderson (Nov 07)