Date: Sun, 16 Aug 1998 20:59:59 -0500 (CDT)
From: "Jasper O'Malley" <jooji@webnology.com>
To: Michael Richards <026809r@dragon.acadiau.ca>
Cc: security@FreeBSD.ORG
Subject: Re: Why don't winblows program have buffer overruns?
Message-ID: <Pine.LNX.4.02.9808162048130.30290-100000@mercury.webnology.com>
In-Reply-To: <199808162301.UAA09103@dragon.acadiau.ca>

On Sun, 16 Aug 1998, Michael Richards wrote:

> One thing that I have always wondered is:
> Why aren't there buffer overruns for winblows that overrun the stack and
> execute nasty code?

Because nobody bothers to write them, and because the source code for most
Winblows programs isn't published, so crackers can't readily peruse it for
unchecked strcpy() calls.

They have been written, and they're on the rise. See DilDog's "The Tao of
the Windows Buffer Overflow" at:

http://www.newhackcity.net/win_buff_overflow/index.html

Most of the "invalid page faults" you see with Winblows are due to buffer
overflows (or crummy bit-flipping RAM). All a cracker has to do is find a
replicable overflow and exploit it.

> Is there something different about the way those programs execute, and if
> so, other than the suid ability, what advantages does the BSD way of doing
> things have?

Everyone's root on Winblows :)

Cheers,
Mick

The Reverend Jasper P. O'Malley          dotdot:jooji@webnology.com
Systems Administrator                    ringring:asktheadmiral
Webnology, LLC                           woowoo:http://www.webnology.com/~jooji

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message