Bugtraq mailing list archives
Buffer overflow and OS/390
From: do.geun.jo () KR ARTHURANDERSEN COM (Do-Geun Jo)
Date: Thu, 4 Feb 1999 18:53:20 +0900
Hello. everyone. I wonder if this letter is not appropriate for the list, but I am sure that aleph1 will filter out if it is. When I was thinking about the OS/390 and its open TCP/IP services, this came to my mind that the conceptual resemblance between MVS and UNIX may lead to some successful buffer overflow attack in OS/390. Now open MVS comes with TCP/IP services that are running as Started Tasks which seem to be just like suid demons. TSO session creates its own address space which seems like a memory space for UNIX shell environment. If a normal user can create a shell code for the jump to the TSO command line of a SPECIAL user, I think that buffer overflow may not be impossible. Even C compiler is available for the ESA. Well, if someone finds vulnerable programs, this may lead to successful attack on the environment. End. *******************Internet Email Confidentiality Footer******************* Privileged/Confidential Information may be contained in this message. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone. In such case, you should destroy this message, and please notify us immediately. Please advise immediately if you or your employer does not consent to Internet email for messages of this kind. Opinions, conclusions and other information expressed in this message are not given or endorsed by my firm or employer unless otherwise indicated by an authorized representative independent of this message.
Current thread:
- Unsecured server in applets under Netscape Giao Nguyen (Feb 02)
- Re: Unsecured server in applets under Netscape BVE (Feb 02)
- Re: Unsecured server in applets under Netscape Giao Nguyen (Feb 03)
- Re: Unsecured server in applets under Netscape Tramale K. Turner (Feb 03)
- Re: Unsecured server in applets under Netscape Alex Muntada (Feb 05)
- Re: Unsecured server in applets under Netscape Giao Nguyen (Feb 03)
- Net::RawIP 0.05 has been released Sergey V. Kolychev (Feb 03)
- Buffer overflow and OS/390 Do-Geun Jo (Feb 04)
- Re: Unsecured server in applets under Netscape Tor Houghton (Feb 04)
- Microsoft Access 97 Stores Database Password as Plaintext Donald Moore (Feb 04)
- Widespread Router Access Port DoS HD Moore (Feb 04)
- Re: Microsoft Access 97 Stores Database Password as Plaintext Ernie Souhrada (Feb 04)
- NOBO denial of service Andrew J. Gavin (Feb 04)
- Re: NOBO denial of service Flavio Veloso (Feb 09)
- Re: Microsoft Access 97 Stores Database Password as Plaintext Ricardo Peres (Feb 04)
- <Possible follow-ups>
- Re: Unsecured server in applets under Netscape Philip Stoev (Feb 03)
- Re: Unsecured server in applets under Netscape BVE (Feb 02)