This paper describes a kind of vulnerability that is known in the literature but also poor documented. In fact, the problem that is going to be analyzed can be reduced to a memory adjacent overwriting attack but usually it is obtained exploiting the last null byte of a buffer, hence the authors' show that the same result is still possible writing behind a buffer, under certain conditions. To fully understand the subject of this paper it's necessary to describe the memory organization of running processes, then the memory adjacent overwrite attack, concluding with the authors' analysis.
Did you find this white paper useful?
18 out of 43 users found this white paper useful
Related white papers
Balancing Security Against Productivity
What makes for great security? Is it about keeping the bad guys out or letting the good guys in? About defending attacks or preventing them? When IDG Research Services queried...
Secure Desktop On-Demand Webcast
The desktop or endpoint is one of the most vulnerable parts of your environment. Threats are everywhere. You have users who love to experiment with device settings (only to wonder...
Novell Zenworks Endpoint Security Management: Total Control from a Single Console
Still super gluing your USB ports shut? Unauthorized access to networks, lost or stolen laptops and other mobile hardware, and theft of proprietary information or intellectual property accounted for more...
Staffing Service Improves Productivity and Service With Genuine Software
Jawood Management Associates is a professional staffing agency that places hundreds of contract workers with its clientele each year. The company needed increased reliability from its IT environment and an...
Longhorn Security Enhancements
This webcast provides an overview of security improvements in Longhorn.
Los Alamos National Laboratories Intrusion Prevention Systems: A Real World Case Study
This webcast presents a case study on the Los Alamos National Laboratories Intrusion Prevention Systems.
MSDN Webcast: "Ask the Developer Security Experts" Series: Windows XP Service Pack 2: A Developer Overview - Level 200
This webcast series brings together some of the sharpest security-focused Microsoft developers to provide expert answers to your security questions. Beginning with a brief overview of Windows XP Service Pack...
