Home page logo

bugtraq logo Bugtraq mailing list archives

Re: insecure signal handler design
From: "Magosányi" "Árpád" <mag () bunuel tii matav hu>
Date: Tue, 29 May 2001 21:28:42 +0200

A levelezõm azt hiszi, hogy Michal Zalewski a következõeket írta:

We are proud to announce our new security paper, "Delivering signals for
fun and profit". This paper is an attempt to discuss security aspects of
For your convenience, it is attached to this message as well (20 kB). Your
feedback would be greatly appreciated.


Is there any known exploit against real programs using this technique?
The technique seems to work in a very low probability level due to
the timing issues. But the first thing I have learned reading bugtraq
is that if something is even remotely and theoretically exploitable,
someone is using the technique for years already (and openbsd have
fixed it two years ago:).

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]