mailing list archives
Re: [PEN-TEST] Crusoe chip.
From: Craig Anderson <craig () XTIME COM>
Date: Mon, 6 Nov 2000 19:37:39 +0000
On Mon, 6 Nov 2000, Ben Ford wrote:
I just had an interesting conversation that sparked an idea. One of the
major problems we have regarding security is the fact that the stack on
the x86 architecture is executable. Because of that, when we have a
buffer overflow, arbitrary code can be executed.
My question is this: Because the x86 architecture is only software
emulated on the Crusoe chip, could that chip (or the software layer
emulating the x86) detect when a buffer overflow was happening and head
off any code execution, thereby eliminating the root exploit?
<--( SNIP )-->
Let us not forget that most Heap/BSS are executable as well. It has
also been shown ( Tim Newsham, Crispin Cowan, etc.. Bugtraq archive ) that
you can utilize the Heap/BSS to bypass stack overflow protection/detection
( i.e. StackGuard ).
Anyone know of anyone doing work on this? Heap/BSS overflows are
abound, and nothing I know of has been set forth to eliminate them since
most of the overflows being written for the public eye are stack-based..
but again I could be completely wrong.