Re: Is there any Buffer overflow attack mechanism that can break a vulnerable server without breaking the ongoing connection?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Arjan van de Ven escreveu:

buffer overflows do not break connections, and as such I think you are
out of luck.
Having said that.. on modern linux distros it's pretty hard to do a
buffer overflow exploit nowadays (NX[1] to make stacks non-executable,
randomisations, compiler based detection (via FORTIFY_SOURCE and/or
-fstackprotector)... add all those together and it's certainly not easy
to do this....



[1] or emulations of NX such as segment limits techniques


Hello!

Locally is very simple to exploit buffer overflows in the linux kernel. This protections is not efective very well, so it's possible many attacks... It's possible to return in mmap() area, overwrite values em syscall table and after that run malicious code using mmap() to allocate
data and many others schemes and techniques.

Linux is very robust and its resources is very good, but it is not yet the solution against buffer overflows.

Best Regards,

Nash Leon -
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux