论文信息 - Beyond stack smashing: recent advances in exploiting buffer overruns

Beyond stack smashing: recent advances in exploiting buffer overruns

Security vulnerabilities related to buffer overruns account for the largest share of CERT advisories, as well as high-profile worms - from the original Internet Worm in 1987 through Blaster's appearance in 2003. When malicious crackers discover a vulnerability, they devise exploits that take advantage of the vulnerability to attack a system. The article describes three powerful general-purpose families of exploits for buffer overruns: arc injection, pointer subterfuge, and heap smashing. These new techniques go beyond the traditional "stack smashing" attack and invalidate traditional assumptions about buffer overruns.

Jonathan D. Pincus | Brandon Baker | Jon Pincus | B. Baker

[1] David Litchfield. Defeating the Stack Based Buffer Overflow Prevention Mechanism of Microsoft Windows 2003 Server , 2003 .

[2] Gary McGraw,et al. Exploiting Software: How to Break Code , 2004 .

[3] Crispan Cowan,et al. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks , 1998, USENIX Security Symposium.

[4] Calton Pu,et al. Buffer overflows: attacks and defenses for the vulnerability of the decade , 2000, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[5] A. One,et al. Smashing The Stack For Fun And Profit , 1996 .

[6] John Wilander,et al. A Comparison of Publicly Available Tools for Dynamic Buffer Overflow Prevention , 2003, NDSS.

[7] Dave Aitel,et al. The Shellcoder's Handbook: Discovering and Exploiting Security Holes , 2004 .