Re: White paper: Exploiting the Win32 API.

From: Paul Starzetz (paulat_private)
Date: Mon Aug 26 2002 - 07:47:12 PDT

Next message: Kyle Duren: "Yahoo Messenger Install Secuirty"

Previous message: Mandrake Linux Security Team: "MDKSA-2002:053 - xinetd update"
In reply to: Andrey Kolishak: "Re: White paper: Exploiting the Win32 API."
Next in thread: Rothe, Greg (G.A.): "RE: White paper: Exploiting the Win32 API."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andrey Kolishak wrote:

>
>There is also article of Symeon Xenitellis "A New Avenue of Attack:
>Event-driven system vulnerabilities" http://www.isg.rhul.ac.uk/~simos/event_demo/
>
>  
>
In fact, the problem is similar to U*ix signals, except that there is no 
jump-to-address argument for usual. Remember that old ping bug which 
allowed users to flood the network by sending SIGALRM in some old ping 
implementations. Maybe reading some manuals about safe signal handling 
would be a good lecture for Windows developers too:

http://www.faqs.org/faqs/unix-faq/programmer/secure-programming/   
Section 3.3 especially

regards

/ih

Next message: Kyle Duren: "Yahoo Messenger Install Secuirty"
Previous message: Mandrake Linux Security Team: "MDKSA-2002:053 - xinetd update"
In reply to: Andrey Kolishak: "Re: White paper: Exploiting the Win32 API."
Next in thread: Rothe, Greg (G.A.): "RE: White paper: Exploiting the Win32 API."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Aug 27 2002 - 11:46:51 PDT