[12099] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Buffer Overflows and Remote Root Exploits

daemon@ATHENA.MIT.EDU (Crispin Cowan)
Sun Oct 3 22:48:34 1999

Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id:  <37F64EFC.E01BA26F@cse.ogi.edu>
Date:         Sat, 2 Oct 1999 18:29:17 +0000
Reply-To: crispin@CSE.OGI.EDU
From: Crispin Cowan <crispin@CSE.OGI.EDU>
X-To:         "BUGTRAQ@SECURITYFOCUS.COM" <BUGTRAQ@SECURITYFOCUS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM

I'm writing a paper on categorizing buffer overflow attacks and
defenses.  I conjecture (from my experience) that buffer overflow
attacks constitute a *huge* majority of all remote root exploits (the
other major category being weak escapes in CGI scripts).  Two questions:

   * Does the community agree with these conjectures?
   * Can anyone cite a paper or statistic to back up these claims?

Thanks,
    Crispin
-----
 Crispin Cowan, Research Assistant Professor of Computer Science, OGI
    NEW:  Protect Your Linux Host with StackGuard'd Programs  :FREE
       http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[12099] in bugtraq

Buffer Overflows and Remote Root Exploits

daemon@ATHENA.MIT.EDU (Crispin Cowan)Sun Oct 3 22:48:34 1999

daemon@ATHENA.MIT.EDU (Crispin Cowan)
Sun Oct 3 22:48:34 1999