Nmap Security Scanner
 Intro
Ref Guide
Install Guide
Download
Changelog
Book
Docs
Security Lists
Nmap Hackers
Nmap Dev
Bugtraq
Full Disclosure
Pen Test
Basics
More
Security Tools
Pass crackers
Sniffers
Vuln Scanners
Web scanners
Wireless
Exploitation
Packet crafters
More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
|
 |
Bugtraq
mailing list archives
Re: Buffer overflow prevention
From: Timo Sirainen <tss () iki fi>
Date: Thu, 14 Aug 2003 22:17:29 +0300
On Thursday, Aug 14, 2003, at 20:26 Europe/Helsinki, Mariusz Woloszyn
wrote:
On Thu, 14 Aug 2003, Stephen Clowater wrote:
Also, you can use chpax, and turn on a non-executable stack, and with
a small
It's been proved many times that non-executable stack adds NO security
at
all.
Every single class of vulnerabilities exploitable with executable stack
can be also exploited with non-executable stack.
What he forgot to mention is that PAX and grsec also gives you
non-executable heap and randomized address bases to prevent
return-to-libc attacks. AFAIK all those combined do bring real security
against generic exploits.
 By Date 
By Thread
Current thread:
- Re: Buffer overflow prevention, (continued)
|
|
