Re: how to discover vulnerability?

From: Ali Saifullah Khan (ali_saifullah@hotmail.com)
Date: 04/18/03

    From: "Ali Saifullah Khan" <ali_saifullah@hotmail.com>
    To: security-basics@securityfocus.com
    Date: Fri, 18 Apr 2003 04:48:23 +0000
    
    

    Well, there has been debate for some time now over this issue.
    Most ways of writing stack/heap/buffer overflows deal with searching for
    places in the code where there are either inefficient or non-existent
    boundary-checking conditions.

    Using snprintf() instead of printf() is an example subject which has
    undergone considerable debate for a long time. But there are several other
    theologies you may consider when attempting to exploit a loophole in an
    application. It can be the way it takes input, not necessarily how it takes
    input. If one can structure ways to force input to the application while not
    necessarily attempting buffer overflows, but just by the way the programmer
    has designed the application to deal with input data, you have every chance
    of exploiting a new loophole the programmer may have never even thought
    about, or written code to avoid.

    Regards,
    Ali Saifullah Khan
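
An added example, not part of the original post: the boundary-checking point above in C, contrasting an unbounded formatted write (shown only as a comment) with a checked snprintf() call, plus a length-prefixed input whose claimed size is validated before copying. The function names, buffer size and sample inputs are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define OUT_LEN 16   /* constructed buffer size for this example */

/* Pattern a code reviewer searches for (comment only, not compiled):
 *     char buf[OUT_LEN];
 *     sprintf(buf, "user=%s", input);    // write is not bounded by buf
 */

/* Bounded formatting. snprintf() never writes more than out_len bytes and
 * returns the length it wanted to write, so a return value >= out_len
 * means the output was truncated. Returns 0 on success, -1 otherwise. */
int format_user(char *out, size_t out_len, const char *input)
{
    int n;
    if (out == NULL || out_len == 0 || input == NULL)
        return -1;
    n = snprintf(out, out_len, "user=%s", input);
    if (n < 0 || (size_t)n >= out_len) {
        out[0] = '\0';   /* reject rather than pass on a cut-off value */
        return -1;
    }
    return 0;
}

/* Length-prefixed input: the first byte claims how many bytes follow.
 * The claim is checked against the data actually received and against
 * the destination size before copying. Returns bytes copied, or -1. */
int copy_record(unsigned char *dst, size_t dst_len,
                const unsigned char *msg, size_t msg_len)
{
    size_t claimed;
    if (dst == NULL || msg == NULL || msg_len < 1)
        return -1;
    claimed = msg[0];
    if (claimed > msg_len - 1 || claimed > dst_len)
        return -1;
    memcpy(dst, msg + 1, claimed);
    return (int)claimed;
}

int main(void)
{
    char buf[OUT_LEN];
    printf("%d\n", format_user(buf, sizeof buf, "alice"));
    printf("%d\n", format_user(buf, sizeof buf, "a-very-long-user-name"));
    return 0;
}
```
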

    >----- Original Message -----
    >From: "Quynh Nguyen Anh" <quynh@sfc.keio.ac.jp>
    >To: <security-basics@securityfocus.com>
    >Sent: Thursday, April 17, 2003 2:39 AM
    >Subject: how to discover vulnerability?
    >
    >
    > > hello,
    > >
    > > I have a question: almost every day, many security holes are
    > > discovered. I wonder how they can find these holes?
    > >
    > > 1. for open source software, they must read every source line?
    > > 2. for closed source software, they must reverse engineer binary code?
    > >
    > > anyway, I don't know exactly how they can discover holes!
    > >
    > > your ideas on this matter?
    > >
    > > many thanks.
    > > nguyen
    > >
    > >
    > >
    > > ---------------------------------------------------------------------------
    > > Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
    > > world's premier event for IT and network security experts. The two-day
    > > Training features 6 hands-on courses on May 12-13 taught by professionals.
    > > The two-day Briefings on May 14-15 features 24 top speakers with no vendor
    > > sales pitches. Deadline for the best rates is April 25. Register today to
    > > ensure your place. http://www.securityfocus.com/BlackHat-security-basics
    > > ---------------------------------------------------------------------------
    > >
