Vulnerability Development: Re: Information on attacks other than format string bugs, and buf ove rflows.

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: Information on attacks other than format string bugs, and buf ove rflows.

From: Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU>
Date: Sat, 3 Mar 2001 03:00:30 -0500

On Fri, 2 Mar 2001, O'Kelly, Aidan wrote:

I was wondering if anyone knows any good papers on other types of
attacks, apart from buffer overflows and format strings, that can
result from bugs in C, for example, the recent bug in sshd.(cant think
of any more examples, thats why I'm asking)


which recent bug in sshd? there have been a few.

a coworker at crimelabs did a nice summary paper he presented last summer
that we *finally* put up.

http://www.crimelabs.net./docs/sec-programming.ps

enjoy.

____________________________
jose nazario                                                 jose () cwru edu
                     PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
                                       PGP key ID 0xFD37F4E5 (pgp.mit.edu)

By Date By Thread

Current thread:

Information on attacks other than format string bugs, and buf ove rflows. O'Kelly, Aidan (Mar 02)
- Re: Information on attacks other than format string bugs, and buf ove rflows. Jose Nazario (Mar 03)
- Re: Information on attacks other than format string bugs,and buf ove rflows. Blue Boar (Mar 03)