Re: Buffer overflow and OS/390

From: Crispin Cowan (crispinat_private)
Date: Thu Feb 04 1999 - 12:52:14 PST

Next message: -*- Chotaire -*-: "Re: Linux /usr/bin/lpc overflow"

Previous message: com-nospamat_private: "Re: No Security is Bad Security:"
Maybe in reply to: Do-Geun Jo: "Buffer overflow and OS/390"
Next in thread: Olaf Seibert: "Re: Buffer overflow and OS/390"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Do-Geun Jo wrote:

> When I was thinking about the OS/390 and its open TCP/IP services, this
> came to my mind that the conceptual resemblance between MVS and UNIX may
> lead to some successful buffer overflow attack in OS/390.

When I was at the Oakland Security Conference last year (IEEE Symp. on
Security and Privacy) I made the error of crediting R.T. Morris with inventing
buffer overflows in front of some old timers.  They pointed out to me that
there are buffer overflow exploits going back to the 1960's.  The example
given was an OS/360 problem.

Crispin
-----
 Crispin Cowan, Research Assistant Professor of Computer Science, OGI
    NEW:  Protect Your Linux Host with StackGuard'd Programs  :FREE
       http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/

                 Support Justice:  Boycott Windows 98

Next message: -*- Chotaire -*-: "Re: Linux /usr/bin/lpc overflow"
Previous message: com-nospamat_private: "Re: No Security is Bad Security:"
Maybe in reply to: Do-Geun Jo: "Buffer overflow and OS/390"
Next in thread: Olaf Seibert: "Re: Buffer overflow and OS/390"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:32:41 PDT