Bugtraq mailing list archives
RE: White paper: Exploiting the Win32 API.
From: "Rothe, Greg (G.A.)" <grothe () ford com>
Date: Tue, 27 Aug 2002 13:00:05 -0400
All of this brings up a couple of questions for me:

1. As I understand it, all this can be avoided by applying the simple, longtime standard maxim of "trust no input," correct? (If correct, this leads me to murmur rhetorically "Have today's developers no discipline?")

2. If the above is incorrect, and system messages such as event notifications (onClick, etc.) can be compromised, then developers using tools such as Visual Basic are essentially helpless to harden their applications. Other than going back to writing in assembly, what is the modern developer to do?

We have here an exclusive or: Which is it - 1 or 2 or neither?

Thanks,
-Greg

===============
Ford CIRT
grothe () ford com
===============

-----Original Message-----
From: Paul Starzetz [mailto:paul () starzetz de]
Sent: Monday, August 26, 2002 10:47 AM
To: Andrey Kolishak; bugtraq () securityfocus com
Subject: Re: White paper: Exploiting the Win32 API.

Andrey Kolishak wrote:

There is also an article by Symeon Xenitellis, "A New Avenue of Attack: Event-driven system vulnerabilities":
http://www.isg.rhul.ac.uk/~simos/event_demo/

In fact, the problem is similar to U*ix signals, except that there is no jump-to-address argument for usual. Remember that old ping bug which allowed users to flood the network by sending SIGALRM in some old ping implementations.

Maybe reading some manuals about safe signal handling would be a good lecture for Windows developers too:

http://www.faqs.org/faqs/unix-faq/programmer/secure-programming/

Section 3.3 especially

regards
/ih