Michele Crabb. Curmudgeon's Executive Summary. In Michele Crabb, editor, The SANS Network Security Digest. SANS, 1997. Contributing Editors: Matt Bishop, Gene Spafford, Steve Bellovin, Gene Schultz, Rob Kolstad, Marcus Ranum, Dorothy Denning, Dan Geer, Peter Neumann, Peter Galvin, David Harley, Jean Chouanard.
....been attempted. When StackGuard detects such an attack, it causes the application to exit, rather than yield control to the attacker. StackGuarded programs are effectively immunized against stack smashing attacks. Buffer overflow attacks constitute a majority of software security vulnerabilities [7, 6], and the stack smashing variety treated by StackGuard is the most common form of buffer overflow attack. StackGuard offers substantial compatibility advantages, which we demonstrated by using StackGuard to protect an entire Linux distribution of programs [2]. Thus StackGuard has the potential ....
....been attempted. When StackGuard detects such an attack, it causes the application to exit, rather than yield control to the attacker. StackGuarded programs are effectively immunized against stack smashing attacks. Buffer overflow attacks constitute a majority of software security vulnerabilities [7, 6], and the stack smashing variety treated by StackGuard is the most common form of buffer overflow attack. StackGuard offers substantial compatibility advantages, which we demonstrated by us3. Immunix tools also provide other properties, such as enhanced host intrusion detection, scalability, ....
....problems a distant second. Many of the buffer overflow problems are probably the result of careless programming, and could have been found and corrected by the vendors, before releasing the software, if the vendors had performed elementary testing or code reviews along the way. [4] The base problem is that, while individual buffer overflow vulnerabilities are simple to patch, the vulnerabilities are profligate. Thousands of lines of legacy code are still running as privileged daemons (SUID root) that contain numerous software errors. New programs are being developed with ....
....smashing attacks [15, 17, 21] have made construction of buffer overflow exploits quite easy. The only remaining work for a would-be attacker to do is to find a poorly protected buffer in a privileged program, and construct an exploit. Hundreds of such exploits have been reported in recent years [4].

3 StackGuard: Making the Stack Safe for Network Access

StackGuard is a compiler extension that enhances the executable code produced by the compiler so that it detects and thwarts buffer overflow attacks against the stack. The effect is transparent to the normal function of programs. The only ....
[Article contains additional citation context not shown here]