[26828] in bugtraq
Re: White paper: Exploiting the Win32 API.
daemon@ATHENA.MIT.EDU (Paul Starzetz)
Tue Aug 27 14:47:49 2002
Message-ID: <3D6A3F70.3060104@starzetz.de>
Date: Mon, 26 Aug 2002 16:47:12 +0200
From: Paul Starzetz <paul@starzetz.de>
MIME-Version: 1.0
To: Andrey Kolishak <andr@sandy.ru>, bugtraq@securityfocus.com
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Andrey Kolishak wrote:
>
>There is also an article by Symeon Xenitellis, "A New Avenue of Attack:
>Event-driven system vulnerabilities" http://www.isg.rhul.ac.uk/~simos/event_demo/
>
In fact, the problem is similar to U*ix signals, except that there is usually no
jump-to-address argument. Remember that old ping bug which
allowed users to flood the network by sending SIGALRM in some old ping
implementations. Maybe reading some manuals about safe signal handling
would be a good lecture for Windows developers too:
http://www.faqs.org/faqs/unix-faq/programmer/secure-programming/
Section 3.3 especially.
regards
/ih
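
The signal-handling point in the reply above, as an added example that is not part of the original message and not taken from any real ping source: a handler that does its work on every SIGALRM next to one that only sets a flag and lets the main loop enforce the interval. All names (`packets_after_signals`, `may_send`, the 5000 ms interval) are hypothetical, and "sending a packet" is modelled as a counter.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <time.h>
static volatile sig_atomic_t naive_sent;    /* packets "sent" by the unsafe handler */
static volatile sig_atomic_t alarm_pending; /* the only state the safe handler touches */
static struct timespec last_send;
static int have_last;

/* Unsafe: the work happens in the handler, so each delivered signal is one packet. */
static void naive_handler(int sig) { (void)sig; naive_sent++; }
/* Safe: note that the signal arrived and return; nothing else runs here. */
static void safe_handler(int sig) { (void)sig; alarm_pending = 1; }

static int install(void (*fn)(int)) {
    struct sigaction sa = {0};
    sa.sa_handler = fn;
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGALRM, &sa, NULL);
}

/* Main-loop check: a pending alarm is only a hint, the monotonic clock decides. */
static int may_send(long min_interval_ms) {
    struct timespec now;
    if (!alarm_pending) return 0;
    alarm_pending = 0;
    clock_gettime(CLOCK_MONOTONIC, &now);
    long ms = (long)(now.tv_sec - last_send.tv_sec) * 1000L
            + (now.tv_nsec - last_send.tv_nsec) / 1000000L;
    if (have_last && ms < min_interval_ms) return 0;
    last_send = now; have_last = 1;
    return 1;
}

/* Deliver n SIGALRMs back to back; return packets sent (safe == 0: naive handler). */
int packets_after_signals(int n, int safe, long min_interval_ms) {
    int sent = 0;
    naive_sent = 0; alarm_pending = 0; have_last = 0;
    if (install(safe ? safe_handler : naive_handler) != 0) return -1;
    for (int i = 0; i < n; i++) {
        raise(SIGALRM);
        if (safe) sent += may_send(min_interval_ms);
    }
    return safe ? sent : (int)naive_sent;
}

int main(void) {
    printf("naive=%d safe=%d\n", packets_after_signals(1000, 0, 5000), packets_after_signals(1000, 1, 5000));
    return 0;
}
```

The same rule carries over to window messages: treat an externally deliverable event as a request to re-check state, never as authority to act.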