Linux Today: Linux News On Internet Time.





More on LinuxToday


Security Portal: The Buffer Overflow Problem

May 03, 1999, 09:48 (4 Talkback[s])

Thanks to Jim Reavis for this link.

"In the less than one year that SecurityPortal.com has been posting Top News, we have literally sent out hundreds of security alerts. Many of them have been related to security exploits caused by buffer overflow vulnerabilities. This is one of the biggest security problems on the Internet today. The worst case scenario with buffer overflows is that you surrender root access to the attacker, who then does absolutely anything he wants with your system. Buffer overflow problems tend to be discovered, exploited and patched on a case by case basis, leading one to reasonably assume that many more are hidden in our servers and are introduced daily in new software releases. Reasonable questions to ask are: what are they, why are they fixed reactively and what can we do about them?"

"StackGuard is a DARPA funded project that seeks to solve the buffer overflow dilemma through a compiler extension."

Complete Story