Vulnerability Development mailing list archives

Re: Generalized List of Threats and Vulnerabilities

From: crispin () WIREX COM (Crispin Cowan)
Date: Sun, 23 Jan 2000 20:54:23 +0000


Seth R Arnold wrote:

My next thought is Elias Levy's (Aleph1, moderator of another
SecurityFocus.com mailing list, bugtraq) Smashing the Stack for Fun and
Profit. (I hope I got that correct.) It is an essay he wrote in a recent
issue of phrack (phrack.com I think.) (But, this is an essay about a
specific form of attack, but it is generalized away from specific attacks.
If I recall. :)


It's not so recent (97, I believe) and it is pretty much a cook book for how to
write a stack-smashing style of buffer overflow attack.  I recently wrote a
generalization on buffer overflow attacks, classifying attacks in terms of attack
techniques, and classifying defenses in terms of the classes of attacks that they
stop.  It is available here as "Buffer Overflows:  Attacks and Defenses for the
Vulnerability of the Decade" http://immunix.org/documentation.html#stackguard .  The
PDF file is here:   http://immunix.org/StackGuard/discex00.pdf .

Crispin
-----
Crispin Cowan, CTO, WireX Communications, Inc.    http://wirex.com
Free Hardened Linux Distribution:                 http://immunix.org

Current thread:

Re: Secure coding in C (was Re: Administrivia #4883), (continued)
- - - Re: Secure coding in C (was Re: Administrivia #4883) Tellier, Brock (Jan 20)
    - Re: Secure coding in C (was Re: Administrivia #4883) Marco Walther (Jan 20)
    - Re: Secure coding in C (was Re: Administrivia #4883) Seth R Arnold (Jan 21)
    - Re: Secure coding in C (was Re: Administrivia #4883) Blue Boar (Jan 21)
    - Re: Secure coding in C (was Re: Administrivia #4883) Mikael Olsson (Jan 21)
    - Re: Secure coding in C (was Re: Administrivia #4883) Marco Walther (Jan 21)
    - Re: Secure coding in C (was Re: Administrivia #4883) CyberPsychotic (Jan 22)
    - Re: Secure coding in C (was Re: Administrivia #4883) Marc Esipovich (Jan 21)
    - Generalized List of Threats and Vulnerabilities Dave Drake (Jan 21)
    - Re: Generalized List of Threats and Vulnerabilities Seth R Arnold (Jan 21)
    - Re: Generalized List of Threats and Vulnerabilities Crispin Cowan (Jan 23)
    - Re: Generalized List of Threats and Vulnerabilities John Duksta (Jan 21)
    - Administrivia #5218 Blue Boar (Jan 21)
    - Re: Administrivia #5218 Imran Ghory (Jan 22)
    - Re: Administrivia #5218 kjkotas (Jan 22)
    - Re: Administrivia #5218 Granquist, Lamont (Jan 24)
    - Re: Administrivia #5218 Bob Fiero (Jan 22)
    - bruterh.sh & syslogd & [g]libc & proftpd & wu-ftpd & sendmail Michal Zalewski (Jan 23)
    - things to break.. Inedag () AOL COM (Jan 23)
    - CGI insecurities hypoclear - lUSt - (Linux Users Strike Today) (Jan 23)
    - HTTP scanners? Scorpus Kahn (Jan 15)

(Thread continues...)