|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Buffer Overflow Survey Paper
Crispin Cowan (crispin
CSE.OGI.EDU)
Tue, 23 Nov 1999 02:39:53 +0000
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Elias Levy: "Printer Vulnerabilities (Tektronix and JetDirect)"
- Previous message: Alec Muffett: "ANN: Bruce v1.0 Early Access 1 - Available for downloa"
- Next in thread: Crispin Cowan: "Operational Issues: Applications & Appliances (was: Buffer Overflow Survey Paper)"
- Reply: Crispin Cowan: "Operational Issues: Applications & Appliances (was: Buffer Overflow Survey Paper)"
Six weeks ago, I asked Bugtraq for responses on the question of whether
buffer overflows dominate the area of security vulnerabilities as part
of a paper I was writing. Numerous people asked me to post results when
I'm done.
On the narrow question: approximately 2/3 of respondants thought that
buffer overflows do indeed dominate the problem of security
vulnerabilities. The remaining 1/3 thought that mis-configuration was
the dominant problem. I respect both views, but think that
"misconfiguration" is not really a software problem, it's an operational
problem. Thus, one could say that buffer overflows are the leading
cause of software vulnerabilities, and misconfiguration is the leading
operational problem. Which problem dominates overall vulnerability is
unclear.
On the broader question: the paper is complete. It will appear at the
DARPA Information Survivability Expo (
http://schafercorp-ballston.com/discex/ ) and will also appear as an
invited talk at SANS 2000 (
http://www.sans.org/newlook/events/sans2000.htm ). This paper
categorizes the various kinds of buffer overflow attacks, the various
kinds of defensive measure that can be employed, and shows which
defenses are effective against which attacks.
The paper itself is available for download here:
http://immunix.org/StackGuard/discex00.pdf
Crispin
-----
Crispin Cowan, CTO, WireX Communications, Inc. http://wirex.com
Free Hardened Linux Distribution: http://immunix.org
- Next message: Elias Levy: "Printer Vulnerabilities (Tektronix and JetDirect)"
- Previous message: Alec Muffett: "ANN: Bruce v1.0 Early Access 1 - Available for downloa"
- Next in thread: Crispin Cowan: "Operational Issues: Applications & Appliances (was: Buffer Overflow Survey Paper)"
- Reply: Crispin Cowan: "Operational Issues: Applications & Appliances (was: Buffer Overflow Survey Paper)"
This archive was generated by hypermail 2.0b3 on Tue Nov 23 1999 - 01:10:53 CST