SearchOpenSource: Linux Virtual Address Randomization and Impacting Buffer Overflows
Nov 18, 2005, 07:00
(Other stories by Ed Tittel, Justin Korelc)
[ Thanks to Jane Walker for this link. ]
"Buffer overflows have been a bane for nearly every operating
system and for all programming languages not explicitly designated
as 'type-safe' (such as C). Everything from desktops to
workstations, servers and embedded hardware can (and often do)
contain potentially exploitable conditions because buffer overflows
are allowed to occur, sometimes with far-reaching effects.
"When exploiting a buffer overflow, an attacker's primary
objective is to direct the target machine to execute arbitrary
code, usually a sequence of position-independent object code known
as a payload..."