The topic of this thread is "Java bofs". Java is presumably immune to bofs, due to the VM's boundchecking mechanisms. The question still remains whether the VM has security bugs. And yes, there are many other bugs which could leave security breaches. And yes Java, is vulnerable to poor coding as any other language around. []'s Woody > Hi, > > > I heard thatt java is invulnerable to bofs > > Has anyone succefully exploited a bof in java ? > > Please notice that buffer overflow is only one way of software exploitation. > Generalizing the concept, any procedure that makes a software work badly, > and if possible be directed to do something you want (and obviously not > authorized), can be considered exploitation. > > Please does not sit down and relax just because Java should not have buffer > overflows. There are inifinite ways of directing a software to do something > bad or not expected, and once more, buffer overflows (or overruns if you > prefer) is *just* one option. > > Regards, > > Nelson Junior > nelsonat_private > nelsonat_private > -- Rafael Anschau - Terra Networks Brasil Operacao Nacional - (51) 3284 4246
This archive was generated by hypermail 2b30 : Wed Jun 26 2002 - 09:02:27 PDT