Bugtraq mailing list archives
Buffer Overflow Survey Paper
From: crispin () CSE OGI EDU (Crispin Cowan)
Date: Tue, 23 Nov 1999 02:39:53 +0000
Six weeks ago, I asked Bugtraq for responses on the question of whether buffer overflows dominate the area of security vulnerabilities as part of a paper I was writing. Numerous people asked me to post results when I'm done.

On the narrow question: approximately 2/3 of respondents thought that buffer overflows do indeed dominate the problem of security vulnerabilities. The remaining 1/3 thought that mis-configuration was the dominant problem. I respect both views, but think that "misconfiguration" is not really a software problem, it's an operational problem. Thus, one could say that buffer overflows are the leading cause of software vulnerabilities, and misconfiguration is the leading operational problem. Which problem dominates overall vulnerability is unclear.

On the broader question: the paper is complete. It will appear at the DARPA Information Survivability Expo ( http://schafercorp-ballston.com/discex/ ) and will also appear as an invited talk at SANS 2000 ( http://www.sans.org/newlook/events/sans2000.htm ). This paper categorizes the various kinds of buffer overflow attacks, the various kinds of defensive measures that can be employed, and shows which defenses are effective against which attacks.

The paper itself is available for download here: http://immunix.org/StackGuard/discex00.pdf

Crispin
-----
Crispin Cowan, CTO, WireX Communications, Inc. http://wirex.com
Free Hardened Linux Distribution: http://immunix.org