[82985] in North American Network Operators' Group
Re: IOS new architechture will be more vulnerable?
daemon@ATHENA.MIT.EDU (Aaron Glenn)
Wed Aug 3 06:50:05 2005
Date: Wed, 3 Aug 2005 03:49:43 -0700
From: Aaron Glenn <aaron.glenn@gmail.com>
To: Saku Ytti <saku+nanog@ytti.fi>
Cc: nanog <nanog@merit.edu>
In-Reply-To: <20050803103414.GA2396@ytti.fi>
Errors-To: owner-nanog@merit.edu
On 8/3/05, Saku Ytti <saku+nanog@ytti.fi> wrote:
> You might want to read lynn-cisco.pdf. This means that today to
> exploit heap overflows you need to know the offsets per release, supposed=
ly
> tomorrow the offsets will be static per releasese in new (in some terms b=
etter)
> architecture, which will make exploiting heap overflows much more feasibl=
e.
without getting *too* off topic...
...here's what the junior kernel hacker in me doesn't quite understand
- doesn't software like ProPolice and it's brethren mitigate this type
of vulnerability specifically? What, precisely, prevents Cisco from
implementing such code in with their architecture?
aaron.glenn
