Vulnerability Development mailing list archives

Re: Information on attacks other than format string bugs, and buf ove rflows.

From: Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU>
Date: Sat, 3 Mar 2001 03:00:30 -0500

On Fri, 2 Mar 2001, O'Kelly, Aidan wrote:

I was wondering if anyone knows any good papers on other types of
attacks, apart from buffer overflows and format strings, that can
result from bugs in C, for example, the recent bug in sshd.(cant think
of any more examples, thats why I'm asking)


which recent bug in sshd? there have been a few.

a coworker at crimelabs did a nice summary paper he presented last summer
that we *finally* put up.

http://www.crimelabs.net./docs/sec-programming.ps

enjoy.

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)

Current thread:

Information on attacks other than format string bugs, and buf ove rflows. O'Kelly, Aidan (Mar 02)
- Re: Information on attacks other than format string bugs, and buf ove rflows. Jose Nazario (Mar 03)
- Re: Information on attacks other than format string bugs,and buf ove rflows. Blue Boar (Mar 03)