Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Penetration of HP/UX

From: Paul Melson <pmelson () gmail com>
Date: Sun, 19 Jun 2011 17:48:21 -0400
On Jun 19, 2011, at 4:11 PM, AK <platsakos () gmail com> wrote:

while I agree with the 2nd paragraph of the email Paul wrote, I believe
that a small clarification should be made on the 1st paragraph. In x86,
the NX bit can be emulated. Emulating the NX bit causes certain
processors to fail to boot, although we are talking K6s/PentiumMMX era
CPUs IIRC. Thus for all intents and purposes, NX-bit can be reliably
emulated in modern x86 CPUs.


I think it's present and available for PAE memory addressing in all modern x86 CPUs.  And yes, some kernels are able to 
emulate it in 32-bit modes as well.  I think this illustrates my point (and yours) that exploitability of a 
vulnerability across platforms is about nuance.  And it's additionally safe to say that exploitability has changed 
significantly in the last 5 years both within and across all modern platforms.

PaulM


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: