AIX Heap Overflow paper



I've just published a paper on AIX heap overflows. I wrote it back in August
but wanted to wait until a couple of flaws I discovered whilst researching
the topic were fixed by IBM. IBM released the patches today. You can get the
paper at http://www.databasesecurity.com/dbsec/aix-heap.pdf
Cheers,
David Litchfield



Relevant Pages

  • Re: To do or not to do...
    ... those patches, what they fixed, and what wasexploited until it ... the _impact_ of those holes and flaws is dramatically ... having to scroll, scroll, scroll down to see the content of a message. ...
    (rec.collecting.coins)
  • Re: Will WGA shut down Legit XP Users? Yes
    ... Looking through these pages WGA seems to be causing one heck of a lot ... to have patches after patches, not mentioning the time it took to ... discover the flaws in MS Word. ... spare hard drive and a different operating system. ...
    (microsoft.public.windowsxp.general)
  • [Full-disclosure] Fwd: Re "getting off the patch"
    ... are enough ways to tickle it that it is senseless to leave the known flaws in place. ... It is true that sometimes patches don't deal with the underlying causes of trouble, ... cases arguably some other method to put a band-aid on the cancer is as good as the patch. ... ways may be found around your generic solutions to problems, so anything where you have a known ...
    (Full-Disclosure)
  • Re: Will WGA shut down Legit XP Users? Yes
    ... Looking through these pages WGA seems to be causing one heck of a lot ... to have patches after patches, not mentioning the time it took to ... discover the flaws in MS Word. ... spare hard drive and a different operating system. ...
    (microsoft.public.windowsxp.general)
  • [Full-disclosure] AIX Heap Overflow paper
    ... I've just published a paper on AIX heap overflows. ... I wrote it back in August but wanted to wait until a couple of flaws I discovered whilst researching the topic were fixed by IBM. ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)