Bugtraq: Re: non-exec stack

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: non-exec stack

From: Casper.Dik () HOLLAND SUN COM (Casper Dik)
Date: Mon, 8 May 2000 10:06:04 +0200

Here's an overflow exploit that works on a non-exec stack on x86 boxes.
It demonstrates how it is possible to thread together several libc
calls.  I have not seen any other exploits for x86 that have done this..


Non-executable stacks do not work in Solaris/x86.

It is impossible to give page level protection that prevents
execution on the x86 architecture.

Casper

By Date By Thread

Current thread:

non-exec stack Tim Newsham (May 06)
- "I don't think I really love you" Michal Zalewski (May 07)
- Re: non-exec stack Casper Dik (May 08)
  - Re: non-exec stack Gert Doering (May 09)
    - Re: non-exec stack Casper Dik (May 09)
    - Re: non-exec stack Nate Eldredge (May 10)
    - 쀼릿: Re: non-exec stac ZhaoQian (May 10)
    - Alert: IIS ism.dll exposes file contents Cerberus Security Team (May 11)