Re: Java and buffer overflows
From: Nelson Sampaio Araujo Junior (nelson@lunenetworks.com.br)Date: 06/26/02
- Previous message: Rafael Anschau: "Re: Java and buffer overflows"
- In reply to: Rafael Anschau: "Re: Java and buffer overflows"
- Next in thread: Rafael Anschau: "Re: Java and buffer overflows"
- Reply: Rafael Anschau: "Re: Java and buffer overflows"
- Reply: Dave Aitel: "Re: Java and buffer overflows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Nelson Sampaio Araujo Junior" <nelson@lunenetworks.com.br> To: "Rafael Anschau" <rhanscha@terra.com.br>, <anschau.ez@terrra.com.br> Date: Tue, 25 Jun 2002 21:40:33 -0300
Hi,
> I heard thatt java is invulnerable to bofs
> Has anyone succefully exploited a bof in java ?
Please notice that buffer overflow is only one way of software exploitation.
Generalizing the concept, any procedure that makes a software work badly,
and if possible be directed to do something you want (and obviously not
authorized), can be considered exploitation.
Please does not sit down and relax just because Java should not have buffer
overflows. There are inifinite ways of directing a software to do something
bad or not expected, and once more, buffer overflows (or overruns if you
prefer) is *just* one option.
Regards,
Nelson Junior
nelson@lunenetworks.com.br
nelson@LUNE.com.br
- Previous message: Rafael Anschau: "Re: Java and buffer overflows"
- In reply to: Rafael Anschau: "Re: Java and buffer overflows"
- Next in thread: Rafael Anschau: "Re: Java and buffer overflows"
- Reply: Rafael Anschau: "Re: Java and buffer overflows"
- Reply: Dave Aitel: "Re: Java and buffer overflows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
