Vulnerability Development mailing list archives
Re: Linux exploits and random post-argv/ envp injection
From: Valdis.Kletnieks () vt edu
Date: Fri, 12 Mar 2004 23:25:40 -0500
On Thu, 11 Mar 2004 05:06:27 GMT, Inventor UCL <digiwind () hotmail com> said:
Looks like Linux's sys_exec() injects a random number of zeroes between the argv/envp and the stack frame for main(), i.e. stack:
Sounds like you're running a Linux kernel that's had either the PAX/Grsecurity patch (from http://pax.grsecurity.net), or the ExecShield code that RedHat did added to it (in recent Fedora) - both will add non-executable stack support and some randomization of addresses, for exactly the reasons you noted.
Attachment:
_bin
Description:
Current thread:
- Linux exploits and random post-argv/ envp injection Inventor UCL (Mar 11)
- Re: Linux exploits and random post-argv/ envp injection Valdis . Kletnieks (Mar 14)
- Re: Linux exploits and random post-argv/ envp injection Gerardo Richarte (Mar 15)