Re: Java and buffer overflows

From: Nelson Sampaio Araujo Junior (nelsonat_private)
Date: Tue Jun 25 2002 - 17:40:33 PDT

Next message: Alonso Caballero: "RE: login yahoogroups."

Previous message: Rafael Anschau: "Re: Java and buffer overflows"
In reply to: Rafael Anschau: "Re: Java and buffer overflows"
Next in thread: Rafael Anschau: "Re: Java and buffer overflows"
Reply: Rafael Anschau: "Re: Java and buffer overflows"
Reply: Dave Aitel: "Re: Java and buffer overflows"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

> I heard thatt java is  invulnerable to bofs
> Has anyone succefully exploited a bof in java ?

Please notice that buffer overflow is only one way of software exploitation.
Generalizing the concept, any procedure that makes a software work badly,
and if possible be directed to do something you want (and obviously not
authorized), can be considered exploitation.

Please does not sit down and relax just because Java should not have buffer
overflows. There are inifinite ways of directing a software to do something
bad or not expected, and once more, buffer overflows (or overruns if you
prefer) is *just* one option.

Regards,

Nelson Junior
nelsonat_private
nelsonat_private

Next message: Alonso Caballero: "RE: login yahoogroups."
Previous message: Rafael Anschau: "Re: Java and buffer overflows"
In reply to: Rafael Anschau: "Re: Java and buffer overflows"
Next in thread: Rafael Anschau: "Re: Java and buffer overflows"
Reply: Rafael Anschau: "Re: Java and buffer overflows"
Reply: Dave Aitel: "Re: Java and buffer overflows"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Jun 26 2002 - 09:10:48 PDT