Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: White paper: Exploiting the Win32 API.
From: Paul Starzetz <paul () starzetz de>
Date: Mon, 26 Aug 2002 16:47:12 +0200

Andrey Kolishak wrote:


There is also article of Symeon Xenitellis "A New Avenue of Attack:
Event-driven system vulnerabilities" http://www.isg.rhul.ac.uk/~simos/event_demo/

In fact, the problem is similar to U*ix signals, except that there is no jump-to-address argument for usual. Remember that old ping bug which allowed users to flood the network by sending SIGALRM in some old ping implementations. Maybe reading some manuals about safe signal handling would be a good lecture for Windows developers too:

http://www.faqs.org/faqs/unix-faq/programmer/secure-programming/ Section 3.3 especially

regards

/ih


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault