[ubuntu-hardened] Edgy and Proactive Security

John Richard Moser nigelenki at comcast.net
Sat Jun 3 18:05:06 BST 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Errata:

John Richard Moser wrote:
[....]
> 
> (Possibly format string bugs as well; I have not examined all possible
> uses of format string bugs, but am rather certain that, as they read and
> write to arbitrary memory addresses, they must be very sensitive to
> changing address space layouts)
> 

I asked around.  Apparently a format string can be used to spit out
about where you are in memory and expose the location of the stack.
This is useful for canary evasion, possibly other things.  Format string
bugs are thus still a major threat; we can make no guarantees as to
their exploitability.

Sorry about that ;)

- --
All content of all messages exchanged herein are left in the
Public Domain, unless otherwise explicitly stated.

    Creative brains are a valuable, limited resource. They shouldn't be
    wasted on re-inventing the wheel when there are so many fascinating
    new problems waiting out there.
                                                 -- Eric Steven Raymond

    We will enslave their women, eat their children and rape their
    cattle!
                  -- Bosc, Evil alien overlord from the fifth dimension
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
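
The leak described in the message above comes from untrusted text reaching printf as the format itself, where conversions such as %p or %x print whatever values sit in the argument slots. The following is an added example, not part of the original post: a hardened logger that passes the text as an argument and flags input carrying format directives. The names audit_format and log_untrusted and the sample inputs are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* What an untrusted string would do if it were (wrongly) used as a printf format. */
struct fmt_audit {
    int reads;   /* conversions that fetch and print an argument: %p %x %s ... */
    int writes;  /* %n conversions, which store through a pointer argument */
};

/* Hypothetical helper: walk the string as printf would and classify each directive. */
struct fmt_audit audit_format(const char *s)
{
    struct fmt_audit a = {0, 0};
    while ((s = strchr(s, '%')) != NULL) {
        s++;
        if (*s == '%') { s++; continue; }       /* "%%" is a literal percent sign */
        s += strspn(s, "0123456789$-+ #'*.");   /* position, flags, width, precision */
        s += strspn(s, "hlqjztL");              /* length modifiers */
        if (*s == 'n') { a.writes++; s++; }
        else if (*s && strchr("diouxXeEfFgGaAcsp", *s)) { a.reads++; s++; }
    }
    return a;
}

/* Hardened logger (hypothetical): the untrusted text is passed as an argument and
 * never as the format. The vulnerable form would be snprintf(out, n, user). */
int log_untrusted(char *out, size_t n, const char *user)
{
    struct fmt_audit a = audit_format(user);
    return snprintf(out, n, "login failed for '%s'%s", user,
                    (a.reads || a.writes) ? " [format directives in input]" : "");
}

int main(void)
{
    /* Constructed sample inputs, not taken from any real log. */
    const char *samples[] = { "alice", "100%% sure", "%p.%p.%08x", "%7$lx %hhn" };
    char line[128];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        log_untrusted(line, sizeof line, samples[i]);
        puts(line);
    }
    return 0;
}
```

Compiling with -Wformat -Wformat-security makes GCC warn about call sites that pass a non-literal string as the format with no arguments.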


