Linux Today: Linux News On Internet Time.

More on LinuxToday

ScienceDaily: Bell Labs Releases Free Linux Software That Foils Common Computer Security Attack

Apr 27, 2000, 18:00 (0 Talkback[s])

"Buffer overflows have been the most common form of computer security vulnerability exploited by intruders for the past 10 years, according to a recent report published by the Oregon Graduate Institute of Science & Technology (OGI) and funded in part by the Defense Advanced Research Projects Agency (DARPA)."

"Linux distributors Red Hat, Inc., Linux-Mandrake, Turobolinux and Debian GNU/Linux are working with Bell Labs to incorporate Lucent Libsafe into their software releases. The Linux computer operating system contains an "open" source code that anyone is free to modify. Modeled on Bell Labs' Unix software, Linux has been gaining popularity for server and desktop computers over the last few years."

"A buffer is a region of computer memory that application programs use to temporarily store information. Programs that write information to buffers without properly checking the size of the buffers are potentially vulnerable to security attacks. Such attacks cause an inordinately large amount of data to be written, overwriting the memory immediately following the buffer region. The overflow injects additional code into an application program and then hijacks control of that program to execute the injected code. Lucent's Libsafe software intercepts and monitors the use of vulnerable standard functions and prevents buffer overflow hijackings."

Complete Story

Related Stories: